9137 matches found
DEBIAN-CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2024-26790
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read There is chip ls1028a errata...
Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.13.1 release and security update
Red Hat AMQ Broker 7.13.1 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2025-8556 Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results
A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange...
Post-Quantum Cryptography Implementation Considerations in TLS
...
PT-2025-44678
Name of the Vulnerable Software and Affected Versions Google Chrome affected versions not specified Description A flaw exists in Google Chrome that could allow attackers to impact the system. The issue is related to an inappropriate implementation within the Extensions component. Recommendations ...
Linux Distros Unpatched Vulnerability : CVE-2025-21902
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduce a ->poll_cci method For the ACPI backend of UCSI the UCSI registe...
Google Chrome Security Vulnerability
Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in Google Chrome that stems from an improper implementation of Gemini Live...
Google Chrome Security Vulnerability
Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in Google Chrome that stems from an improper implementation of the file system...
Exploit for CVE-1999-0078
Browsable content of eqgrp-auction-file.tar.xz - Original file: https://mega.nz/!zEAU1AQL!oWJ63n-D6lCuCQ4AY0Cv405hX8kn7MEsa1iLH5UjKU - Passphrase: CrDj";Va.NdlnzB9M?@K2deB7mN as disclosed by the ShadowBrokers, source - This summary is provided by the community: complaints/credits to jvoisin @...
SUSE SLES15 Security Update : libgcrypt (SUSE-SU-2025:02464-2)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02464-2 advisory. - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Tenable has...
SUSE-SU-2025:02464-2 Security update for libgcrypt
This update for libgcrypt fixes the following issues: - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via undozipimpl function during a write operation when decompressing ZIPS-packed deep scan-line EXR files. An attacker can write arbitrary data to the heap and potentially execute code by supplying a specially...
GHSA-7QW8-3VMF-GJ32 MaterialX Null Pointer Dereference in MaterialXCore Shader Generation due to Unchecked implGraphOutput
Summary When parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously crafted files. Details In source/MaterialXCore/Material.cpp, the following code extracts the output nodes for a given implementation graph: cpp...
Security update for libgcrypt
This update for libgcrypt fixes the following issues: CVE-2024-2236: Fixed timing based side-channel in RSA implementation bsc1221107 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Malicious code in 7702-eoa-implementation (npm)
The package communicates with a domain associated with malicious activity...
CVE-2025-54572
The Ruby SAML library is for implementing the client side of a SAML authorization. In versions 1.18.0 and below, a denial-of-service vulnerability exists in ruby-saml even with the message_max_bytesize setting configured. The vulnerability occurs because the SAML response is validated for Base64...
RLSA-2025:9329 Important: perl-YAML-LibYAML security update
Kirill Siminov's "libyaml" is arguably the best YAML implementation. The C library is written precisely to the YAML 1.1 specification. It was originally bound to Python and was later bound to Ruby. Security Fixes: yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 For more...
icu security update
67.1-10 - ICU-22973 Fix buffer overflow by using CharString Resolves: RHEL-96664...