xorg: xwayland: Buffer overflow in XkbChangeTypesOfKey()

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because t...

Using Veeam Agents with HPE VM Essentials

Article Aplicability This article was created before the release of the Veeam Plug-In for HPE Morpheus VM Essentials. Its content reflects an alternative solution that was available before the direct integration of HPE Morpheus VM Essentials management as a virtual environment in Veeam Backup &...

samba bug fix update

An update is available for samba. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Samba is an open-source implementation of the Server Message Block SMB protocol...

Ensure That All Groups Exist in /etc/passwd

All user groups in /etc/passwd must exist in the /etc/group file. If the administrator manually modifies the two files, the user groups may be incorrectly set due to human errors. If a user group in /etc/passwd does not exist in /etc/group, risks of user group permission management may occur...

SUSE CVE-2023-53128

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix throttlegroups memory leak Add a missing kfree...

CVE-2023-53128

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix throttlegroups memory leak Add a missing kfree...

DEBIAN-CVE-2023-53128

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix throttlegroups memory leak Add a missing kfree...

CVE-2023-53128 scsi: mpi3mr: Fix throttle_groups memory leak

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix throttlegroups memory leak Add a missing kfree...

CVE-2023-53128

CVE-2023-53128 affects the Linux kernel via a memory-leak in the SCSI mpi3mr driver (throttle_groups). The issue is resolved by adding a missing kfree(), as documented in multiple sources (Linux kernel patch notes and related advisories). The provided materials do not specify affected kernel vers...

CVE-2023-53128 scsi: mpi3mr: Fix throttle_groups memory leak

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix throttlegroups memory leak Add a missing kfree...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unfree memory leading to a leak in throttlegroups...

Zero-day attacks on browsers and smartphones drop, says Google

Cybercriminals are having less success targeting end-user technology with zero-day attacks, said Google's security team this week. While most attacks do still target personal technology like smartphones and browsers, the focus is moving increasingly to enterprise tech. Zero-day vulnerabilities ar...

PT-2025-18778 · Undefined · Undefined

Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. The vulnerability CVE-2023-275327 CVSS score of 7.5 impacts the Veeam Backup & Replication ... https://t.co/RPMhUoDv7P...

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in the search function. An attacker can occupy excessive system resources by passing a malicious string with nested groups as the query parameter. PoC https://xxxx.sso.com/search?query=.11...

Secured Encryption Scheme Based on the Ree Groups

An improved design of a cryptosystem based on small Ree groups is proposed. We have changed the encryption algorithm and propose to use a logarithmic signature for the entire Ree group. This approach improves security against sequential key recovery attacks. Hence, the complexity of the key...

MST3 Encryption Improvement with Three-Parameter Group of Hermitian Function Field

This scholarly work presents an advanced cryptographic framework utilizing automorphism groups as the foundational structure for encryption scheme implementation. The proposed methodology employs a three-parameter group construction, distinguished by its application of logarithmic signatures...

UBUNTU-CVE-2025-38049

In the Linux kernel, the following vulnerability has been resolved: x86/resctrl: Fix allocation of cleanest CLOSID on platforms with no monitors Commit 6eac36bb9eb0 "x86/resctrl: Allocate the cleanest CLOSID by searching closidnumdirtyrmid" added logic that causes resctrl to search for the CLOSID...

State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns

Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025. The phishing campaigns adopting the strategy...

UBUNTU-CVE-2025-22115

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfscreatependingblockgroups Block group creation is done in two phases, which results in a slightly unintuitive property: a block group can be allocated/deallocated from after...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for realdev CVE-2022-49390 In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero CVE-2024-26982 In the Linux...