[SECURITY] Fedora 42 Update: mirrorlist-server-3.0.7-7.fc42

The mirrorlist-server uses the data created by MirrorManager2 https://github.com/fedora-infra/mirrormanager2 to answer client request for the "best" mirror. This implementation of the mirrorlist-server is written in Rust. The original version of the mirrorlist-server was part of the MirrorManager...

CVE-2025-52566

A flaw was found in the tokenizer component of llama.cpp. This vulnerability allows heap memory corruption via carefully crafted text input during tokenization, due to a signed vs. unsigned integer overflow in the llamavocab::tokenize function. Mitigation Mitigation for this issue is either not...

CVE-2025-2962

A denial-of-service issue in the dns implemenation could cause an infinite loop...

CVE-2025-2962

CVE-2025-2962 affects Zephyr RTOS (Zephyr project)

CVE-2025-2962 Infinite loop in dns_copy_qname

A denial-of-service issue in the dns implemenation could cause an infinite loop...

CVE-2025-52566

llama.cpp is an inference of several LLM models in C/C++. Prior to version b5721, there is a signed vs. unsigned integer overflow in llama.cpp's tokenizer implementation llamavocab::tokenize src/llama-vocab.cpp:3036 resulting in unintended behavior in tokens copying size comparison. Allowing...

CVE-2025-52566 llama.cpp tokenizer signed vs. unsigned heap overflow

llama.cpp is an inference of several LLM models in C/C++. Prior to version b5721, there is a signed vs. unsigned integer overflow in llama.cpp's tokenizer implementation llamavocab::tokenize src/llama-vocab.cpp:3036 resulting in unintended behavior in tokens copying size comparison. Allowing...

PT-2025-26697 · Zephyrproject Rtos · Zephyr

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A denial-of-service issue in the dns implementation could cause an infinite loop. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

How AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout

It sure is a hard time to be a SOC analyst. Every day, they are expected to solve high-consequence problems with half the data and twice the pressure. Analysts are overwhelmed—not just by threats, but by the systems and processes in place that are meant to help them respond. Tooling is fragmented...

CVE-2025-49715

Exposure of private personal information to an unauthorized actor in Dynamics 365 FastTrack Implementation Assets allows an unauthorized attacker to disclose information over a network...

ALSA-2025:9329 Important: perl-YAML-LibYAML security update

Kirill Siminov's "libyaml" is arguably the best YAML implementation. The C library is written precisely to the YAML 1.1 specification. It was originally bound to Python and was later bound to Ruby. Security Fixes: yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 For more...

The vulnerability of the svc_create_socket() function in the net/sunrpc/svcsock.c module of the Linux operating system’s RPC protocol implementation allows a attacker to cause a service failure.

The vulnerability of the svccreatesocket function in the net/sunrpc/svcsock.c module of the Linux operating system’s RPC implementation is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

Important: perl-YAML-LibYAML security update

Kirill Siminov's "libyaml" is arguably the best YAML implementation. The C library is written precisely to the YAML 1.1 specification. It was originally bound to Python and was later bound to Ruby. Security Fixes: yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 For more...

Important: perl-YAML-LibYAML security update

Kirill Siminov's "libyaml" is arguably the best YAML implementation. The C library is written precisely to the YAML 1.1 specification. It was originally bound to Python and was later bound to Ruby. Security Fixes: yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 For more...

Cost-Effective Optimization and Implementation of the CRT-Paillier Decryption Algorithm for Enhanced Performance

To address the privacy protection problem in cloud computing, privacy enhancement techniques such as the Paillier additive homomorphism algorithm are receiving widespread attention. Paillier algorithm allows addition and scalar multiplication operations in dencrypted state, which can effectively...

Toward a Lightweight, Scalable, and Parallel Secure Encryption Engine

The exponential growth of Internet of Things IoT applications has intensified the demand for efficient, high-throughput, and energy-efficient data processing at the edge. Conventional CPU-centric encryption methods suffer from performance bottlenecks and excessive data movement, especially in...

Detecting Hardware Trojans in Microprocessors via Hardware Error Correction Code-based Modules

Software-exploitable Hardware Trojans HTs enable attackers to execute unauthorized software or gain illicit access to privileged operations. This manuscript introduces a hardware-based methodology for detecting runtime HT activations using Error Correction Codes ECCs on a RISC-V microprocessor...

Updated chromium-browser-stable packages fix security vulnerabilities

CVE-2025-5063: Use after free in Compositing. CVE-2025-5280: Out of bounds write in V8. CVE-2025-5064: Inappropriate implementation in Background Fetch API. CVE-2025-5065: Inappropriate implementation in FileSystemAccess API. CVE-2025-5066: Inappropriate implementation in Messages. CVE-2025-5281:...

CVE-2025-49715 Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability

...

CVE-2025-32876

An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure Connections and instead enforces BLE Legacy Pairing. In BLE Legacy Pairing, the Short-Term Key STK can be easily guessed. This requires knowledge of the...