253 matches found
GHSA-5X2R-HC65-25F9 ML-DSA Signature Verification Accepts Signatures with Repeated Hint Indices
Affected Crate: ml-dsa. Affected Versions: v0.1.0-rc.2 and commits since b01c3b7. Severity: Medium. Reporter: Oren Yomtov (Fireblocks). Summary: The ML-DSA signature verification implementation in the RustCrypto ml-dsa crate incorrectly accepts signatures with repeated duplicate hint indices. According ...
SQLi
SQL Injection CTF Challenge - Quick Start Guide Files Over...
Astra Linux - vulnerability in linux-6.12
In the Linux kernel, the following vulnerability has been resolved: dm-stripe: fix a possible integer overflow. There's a possible integer overflow in stripe_io_hints if we have too large chunk size. Test if the overflow happened, and if it did, don't set limits->io_min and limits->io_opt;...
CVE-2023-50855
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sam Perrow Pre Party Resource Hints. This issue affects Pre Party Resource Hints: from n/a through 1.8.18...
CVE-2022-23496
Yauaa (Yet Another UserAgent Analyzer) is a Java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993227)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993227 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking. Syzbot keeps reporting an issue [1] that...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992676)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992676 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking. Syzbot keeps reporting an issue [1] that...
[SECURITY] Fedora 43 Update: python-pydantic-2.12.4-1.fc43
Data validation and settings management using python type hinting...
[SECURITY] Fedora 43 Update: python-typer-0.20.0-1.fc43
Typer is a library for building CLI applications that users will love using and developers will love creating. Based on Python type hints...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990034)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990034 advisory. In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_erp: Fix object nesting warning. ACLs in Spectrum-2 and newer ASICs can reside i...
PrivateBin is missing HTML sanitization of attached filename in file size hint
We’ve identified an HTML injection/XSS vulnerability in PrivateBin service that allows the injection of arbitrary HTML markup via the attached filename. Below are the technical details, PoC, reproduction steps, impact, and mitigation recommendations. Recommended action: As the vulnerability has bee...
EUVD-2012-0023
Malware in sbrugna...
EUVD-2014-2556
Malware in sbrugna...
EUVD-2014-2279
Malware in sbrugna...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-387404)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387404 advisory. In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work. The rehash delayed work is...
CVE-2025-39940
In the Linux kernel, the following vulnerability has been resolved: dm-stripe: fix a possible integer overflow. There's a possible integer overflow in stripe_io_hints if we have too large chunk size. Test if the overflow happened, and if it did, don't set limits->io_min and limits->io_opt;...
UBUNTU-CVE-2025-39940
In the Linux kernel, the following vulnerability has been resolved: dm-stripe: fix a possible integer overflow. There's a possible integer overflow in stripe_io_hints if we have too large chunk size. Test if the overflow happened, and if it did, don't set limits->io_min and limits->io_opt;...
CVE-2025-39940 dm-stripe: fix a possible integer overflow
In the Linux kernel, the following vulnerability has been resolved: dm-stripe: fix a possible integer overflow. There's a possible integer overflow in stripe_io_hints if we have too large chunk size. Test if the overflow happened, and if it did, don't set limits->io_min and limits->io_opt;...
CVE-2025-39940
CVE-2025-39940 concerns the Linux kernel’s dm-stripe component. A potential integer overflow can occur in stripe_io_hints when the chunk size is too large. The fix tests for an overflow and, if detected, avoids setting limits->io_min and limits->io_opt. This mitigates a local-privilege vect...
CVE-2025-39940 dm-stripe: fix a possible integer overflow
In the Linux kernel, the following vulnerability has been resolved: dm-stripe: fix a possible integer overflow. There's a possible integer overflow in stripe_io_hints if we have too large chunk size. Test if the overflow happened, and if it did, don't set limits->io_min and limits->io_opt;...