MiracleLinux 9 : dotnet6.0-6.0.118-1.el9.ML.1 (AXSA:2023-6098:13)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6098:13 advisory. dotnet: .NET Kestrel: Denial of Service processing X509 Certificates CVE-2023-29331 dotnet: vulnerability exists in NuGet where a potential race...

PT-2025-53609

Name of the Vulnerable Software and Affected Versions FreshRSS versions prior to 1.28.0 Description FreshRSS utilizes weak random number generators mt rand and uniqid for creating remember-me authentication tokens and challenge-response nonces. This allows attackers to predict valid session token...

awesome-burp-extensions

This is a curated list of Burp Extensions, a collection of user-submitted plugins for the Burp Suite web application security testing tool. The repository is maintained under a CC0 1.0 Universal license, allowing for the permanent relinquishment of copyright and related rights to the works...

Security and Privacy Management of IoT Using Quantum Computing

The convergence of the Internet of Things IoT and quantum computing is redefining the security paradigm of interconnected digital systems. Classical cryptographic algorithms such as RSA, Elliptic Curve Cryptography ECC, and Advanced Encryption Standard AES have long provided the foundation for...

Astra Linux – Vulnerability in Firefox, Thunderbird

The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, leading to a nullptr dereference. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140....

Separating Pseudorandom Generators from Logarithmic Pseudorandom States

Pseudorandom generators PRGs are a foundational primitive in classical cryptography, underpinning a wide range of constructions. In the quantum setting, pseudorandom quantum states PRSs were proposed as a potentially weaker assumption that might serve as a substitute for PRGs in cryptographic...

EUVD-2021-0244

Malware in sbrugna...

Unity Linux 20.1070a Security Update: firefox (UTSA-2025-987443)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987443 advisory. The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox 14...

RLSA-2025:12187 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...

EUVD-2024-40246

Malicious code in bioql PyPI...

@alfresco/aca-generators (>=1.0.0 <=1.0.1), @alfresco/adw-generators (>=1.0.0 <=1.0.1) +98 more potentially affected by CVE-2025-10894 via nx (>=21.5.1-beta.3 <=21.7.0-canary.20250930-e144408)

nx NPM version =21.5.1-beta.3, =1.0.0, =1.0.0, =0.0.1, =11.0.0, =0.52.0, =2.23.0, =0.7.10, =1.0.0, =3.22.0, =9.0.0-next.68, =1.4.0, =3.1.1, =1.0.0, =1.1.2 and more Source cves: CVE-2025-10894 Source advisory: OSV:MAL-2025-41443...

@abelfubu/schematics (=0.1.1), @alfresco/aca-generators (>=1.0.0 <=1.0.1) +147 more potentially affected by CVE-2025-10894 via nx (>=21.0.0-beta.0 <=21.7.0-canary.20250930-e144408)

nx NPM version =21.0.0-beta.0, =1.0.0, =1.0.0, =0.0.1, =11.0.0, =0.21.0, =0.0.1, =2.23.0, =0.3.53, =0.0.5, =0.0.4, =0.7.10, =0.7.29 - @edirect/nest-app =11.0.0 - @edirect/redis =11.0.0 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NX-12205542...

Malicious code in designer-generators (npm)

The package designer-generators was found to contain malicious code...

MAL-2025-18324 Malicious code in designer-generators (npm)

The package designer-generators was found to contain malicious code...

firefox: thunderbird: Incorrect JavaScript state machine for generators

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...

RHEL 8 : thunderbird (RHSA-2025:13650)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:13650 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to...

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird: Incorrect URL stripping in CSP reports CVE-2025-80...

firefox: thunderbird: Incorrect JavaScript state machine for generators

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...

firefox: thunderbird: Incorrect JavaScript state machine for generators

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...

firefox: thunderbird: Incorrect JavaScript state machine for generators

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, resulting in a nullptr dereference...