EUVD-2022-2434

Malicious code in bioql PyPI...

Scam Facebook groups send malicious Android malware to seniors

An infostealer and banking Trojan rolled into one is making the rounds in Facebook groups aimed at "active seniors". Attackers used social engineering methods to lure targets into joining fake Facebook groups that appeared to promote travel and community activities—such as trips, dance classes, a...

CVE-2025-39926

In the Linux kernel, the following vulnerability has been resolved: genetlink: fix genlbind invoking bind after -EPERM Per family bind/unbind callbacks were introduced to allow families to track multicast group consumer presence, e.g. to start or stop producing events depending on listeners...

arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.

...

CVE-2023-53522

In the Linux kernel, the following vulnerability has been resolved: cgroup,freezer: hold cpuhotpluglock before freezermutex syzbot is reporting circular locking dependency between cpuhotpluglock and freezermutex, for commit f5d39b020809 "freezer,sched: Rewrite core freezer logic" replaced atomici...

CVE-2025-34220

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contains a /api-gateway/identity/search-groups endpoint that does not require authentication. Requests to...

NewStart CGSL MAIN 6.06 : docker-ce Vulnerability (NS-SA-2025-0232)

The remote NewStart CGSL host, running version MAIN 6.06, has docker-ce packages installed that are affected by a vulnerability: - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up...

CVE-2025-34220

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contains a /api-gateway/identity/search-groups endpoint that does not require authentication. Requests to...

CVE-2025-34220

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contains a /api-gateway/identity/search-groups endpoint that does not require authentication. Requests to...

CVE-2025-34220 Vasion Print (formerly PrinterLogic) Unauthenticated API Leaks Group Information

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contains a /api-gateway/identity/search-groups endpoint that does not require authentication. Requests to...

CVE-2025-34220

Vasion Print (VA and SaaS) is affected by CVE-2025-34220 due to an unauthenticated /api-gateway/identity/search-groups endpoint. The issue allows enumeration of group objects for a tenant, exposing fields such as group IDs, source service IDs, Azure AD object IDs, creation timestamps, and tenant ...

CVE-2025-34220 Vasion Print (formerly PrinterLogic) Unauthenticated API Leaks Group Information

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contains a /api-gateway/identity/search-groups endpoint that does not require authentication. Requests to...

Vasion Print Virtual Appliance Host 安全漏洞

Vasion Print Virtual Appliance Host is a print management software from Vasion USA. A security vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 25.1.102, which stems from a failure to authenticate the /api-gateway/identity/search-groups endpoint, which could allow a...

PT-2025-39885

Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 25.1.102 Vasion Print Application versions prior to 25.1.1413 Description The /api-gateway/identity/search-groups API endpoint does not require authentication. An unauthenticated remote attacker can enumerate eve...

Security Bulletin: Vulnerability in Babel affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Babel has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

DEBIAN-CVE-2025-39850

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD in arp,neighreduce when using nexthop objects When the "proxy" option is enabled on a VXLAN device, the device will suppress ARP requests and IPv6 Neighbor Solicitation messages if it is able to reply on behalf of...

CVE-2025-39850

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD in arp,neighreduce when using nexthop objects When the "proxy" option is enabled on a VXLAN device, the device will suppress ARP requests and IPv6 Neighbor Solicitation messages if it is able to reply on behalf of...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling FDB entries pointing to FDB nexthop groups, which could lead to null pointer...

CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader

Cybersecurity researchers have discovered a new malware loader codenamed CountLoader that has been put to use by Russian ransomware gangs to deliver post-exploitation tools like Cobalt Strike and AdaptixC2, and a remote access trojan known as PureHVNC RAT. "CountLoader is being used either as par...

Linux Distros Unpatched Vulnerability : CVE-2023-53187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix use-after-free of new block group that became unused If a task creates a new block group and that block group becomes unused before we finish its...