9137 matches found

OSV
added 2025/04/22 4:56 p.m., 12 views

GO-2025-3610 Mattermost vulnerable to Incorrect Implementation of Authentication Algorithm in github.com/mattermost/mattermost-server

Mattermost vulnerable to Incorrect Implementation of Authentication Algorithm in github.com/mattermost/mattermost-server...

CVSS: 5.4, AI score: 6.7, EPSS: 0.00187
Exploits: 0, References: 4
IBM Security Bulletins
added 2025/04/22 3:34 a.m., 28 views

Security Bulletin: Vulnerability in Apache Kafka's SCRAM implementation affects watsonx.data

Summary Incorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2024-56128 DESCRIPTION: Incorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation. Issue Summary:...

CVSS: 5.3, AI score: 6.8, EPSS: 0.0078
Exploits: 0, Affected Software: 1
Fedora
added 2025/04/21 4:47 p.m., 6 views

[SECURITY] Fedora 41 Update: rpki-client-9.5-1.fc41

The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure RPKI for Relying Parties RP to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisatio...

AI score: 7.3
Exploits: 0
Positive Technologies
added 2025/04/21 12:0 a.m., 6 views

PT-2025-22161

Name of the Vulnerable Software and Affected Versions: Linux kernel Description: A use-after-free vulnerability exists in the ksmbd module of the Linux kernel, specifically in the smb2 sess setup function. This flaw could allow a remote attacker to cause a denial of service. The vulnerability was...

CVSS: 10, AI score: 7, EPSS: 0.00356
Exploits: 2
Cvelist
added 2025/04/18 7:1 a.m., 17 views

CVE-2025-38104 drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV RLCG Register Access is a way for virtual functions to safely access GPU registers in a virtualized environment., including TLB...

EPSS: 0.00152
Exploits: 0, References: 6
Fedora
added 2025/04/17 7:48 p.m., 10 views

[SECURITY] Fedora 41 Update: mysql8.0-8.0.41-1.fc41

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

AI score: 7.9
Exploits: 0
Packet Storm
added 2025/04/17 12:0 a.m., 213 views

TP-Link VN020 F3v(T) TT_V6.2.1021 Denial of Service

TP-Link VN020 F3vT version TTV6.2.1021 suffers from a denial of service vulnerability. Exploit Title: TP-Link VN020 F3vT TTV6.2.1021 - Denial Of Service DOS Date: 10/22/2024 Exploit Author: Mohamed Maatallah Vendor Homepage: https://www.tp-link.com Version: TTV6.2.1021 VN020-F3vT Tested on:...

CVSS: 7.1, AI score: 6.5, EPSS: 0.08886
Exploits: 2
Tenable Nessus
added 2025/04/17 12:0 a.m., 9 views

CBL Mariner 2.0 Security Update: coredns (CVE-2024-53259)

The version of coredns installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53259 advisory. - quic-go is an implementation of the QUIC protocol in Go. An off-path attacker can inject an ICMP Packet Too...

CVSS: 6.5, AI score: 7.6, EPSS: 0.00596
Exploits: 0, References: 2
Cvelist
added 2025/04/16 11:6 p.m., 17 views

CVE-2025-1566

DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions...

EPSS: 0.00192
Exploits: 0, References: 2
CVE
added 2025/04/16 2:13 p.m., 108 views

CVE-2025-22116

CVE-2025-22116 affects the Linux kernel idpf driver’s netdev handling. The patch adds an error check when creating vports, logs the vport number and error code, and ensures on removal that VPORT_REG_NETDEV is checked before unregister/free. It also introduces local variables (idx, vport_config, n...

CVSS: 5.5, AI score: 6.6, EPSS: 0.00165
Exploits: 0, References: 3, Affected Software: 1
Packet Storm News
added 2025/04/16 12:0 a.m., 4 views

The Evolution of Zero Trust Architecture (ZTA) from Concept to Implementation

Zero Trust Architecture ZTA is one of the paradigm changes in cybersecurity, from the traditional perimeter-based model to perimeterless. This article studies the core concepts of ZTA, its beginning, a few use cases and future trends. Emphasising the always verify and least privilege access, some...

AI score: 7
Exploits: 0
Tenable Nessus
added 2025/04/11 12:0 a.m., 8 views

Cisco IP Phones Improper Neutralization of Input During Web Page Generation (CVE-2011-2545)

Cross-site scripting XSS vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or HTML via the FROM field of an INVITE message, aka...

CVSS: 4.3, AI score: 5.5, EPSS: 0.00943
Exploits: 0, References: 2
Oracle linux
added 2025/04/11 12:0 a.m., 99 views

grub2 security update

2.02-0.87.0.27.el7.14 - Fix OOB write in grubnetsearchconfigfile CVE-2025-0624 Orabug: 37770226 - Also adds implementation of grubstrlcpy for clean backport...

CVSS: 7.6, AI score: 7, EPSS: 0.01373
Exploits: 0
BDU FSTEC
added 2025/04/10 12:0 a.m., 4 views

The vulnerability in the implementation of the LDAP service protocol for Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the LDAP Lightweight Directory Access Protocol implementation in Windows operating systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVSS: 7.8, AI score: 7.5, EPSS: 0.02039
Exploits: 0, References: 2
Fedora
added 2025/04/09 1:53 a.m., 14 views

[SECURITY] Fedora 41 Update: mariadb10.11-10.11.11-1.fc41

MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs...

CVSS: 4.9, AI score: 7.5, EPSS: 0.00443
Exploits: 0
CNVD
added 2025/04/09 12:0 a.m., 3 views

Google Chrome Security Bypass Vulnerability (CNVD-2025-10926)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that originates from an improper implementation in Downloads. An attacker can exploit the vulnerability to bypass security restrictions...

CVSS: 5.4, AI score: 6.8, EPSS: 0.00254
Exploits: 0, References: 1
Cvelist
added 2025/04/08 8:18 a.m., 14 views

CVE-2025-22013 KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several problems with the way hyp code lazily saves the host's FPSIMD/SVE state, including: Host SVE being discarded unexpectedly due to inconsistent...

EPSS: 0.00162
Exploits: 0, References: 6
Microsoft CVE
added 2025/04/08 7:0 a.m., 13 views

Windows Cryptographic Services Information Disclosure Vulnerability

Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally...

CVSS: 5.5, AI score: 6.6, EPSS: 0.00385
Exploits: 0
CNVD
added 2025/04/08 12:0 a.m., 12 views

Google Chrome Incorrectly Implemented Vulnerability

Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from an incorrect implementation vulnerability; no details of the vulnerability are provided at this time...

CVSS: 5.4, AI score: 8.5, EPSS: 0.00239
Exploits: 0, References: 1
Github Security Blog
added 2025/04/07 9:12 p.m., 11 views

Tokio broadcast channel calls clone in parallel, but does not require `Sync`

The broadcast channel internally calls clone on the stored value when receiving it, and only requires T:Send. This means that using the broadcast channel with values that are Send but not Sync can trigger unsoundness if the clone implementation makes use of the value being !Sync. Thank you to...

AI score: 6.8
Exploits: 0, References: 4, Affected Software: 1