DEBIAN-CVE-2025-38120

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapoavx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early fix was incomplete and...

CVE-2025-38120

CVE-2025-38120 affects the Linux kernel netfilter nf_set_pipapo_avx2. The issue: if the first field does not cover the entire start map, the remainder must be zeroed to prevent leaking bits into the next match round map. The early fix was incomplete and only addressed the generic C implementation...

CVE-2025-38120 netfilter: nf_set_pipapo_avx2: fix initial map fill

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapoavx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early fix was incomplete and...

CVE-2025-38120

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapoavx2: fix initial map fill If the first field doesn't cover the entire start map, then we must zero out the remainder, else we leak those bits into the next match round map. The early fix was incomplete and...

Delinea Secret Server 安全漏洞

Delinea Secret Server is a powerful PAM in the cloud or locally from Delinea USA. A security vulnerability exists in Delinea Secret Server version 11.7.49 and earlier, which stems from insufficient validation in the initial authorization event and could lead to distributed engine impersonation...

Security update for the Linux Kernel

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...

Trend Makers Sight Bulb Pro 加密问题漏洞

Trend Makers Sight Bulb Pro is a camera from Trend Makers, Inc. The Trend Makers Sight Bulb Pro suffers from an encryption issue vulnerability that stems from the plaintext transfer of an AES key during initial setup, which could lead to the decryption of communications and the disclosure of...

Security update for the Linux Kernel

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...

Security update for the Linux Kernel

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...

Astra Linux - уязвимость в curl

When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a default entry that omits both login and password. A rare...

TencentOS Server 3: edk2 (TSSA-2024:0393)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0393 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2025-49004 Hijacking Caido instance during the initial setup via DNS Rebinding to achieve RCE

Caido is a web security auditing toolkit. Prior to version 0.48.0, due to the lack of protection for DNS rebinding, Caido can be loaded on an attacker-controlled domain. This allows a malicious website to hijack the authentication flow of Caido and achieve code execution. A malicious website load...

VulnCheck KEV: CVE-2025-26793

The Web GUI configuration panel of Hirsch formerly Identiv and Viscount Enterphone MESH through 2024 ships with default credentials username freedom, password viscount. The administrator is not prompted to change these credentials on initial configuration, and changing the credentials...

Slow initial page load when connecting to Storefront after upgrading to 2411/2503

After installing StoreFront 2411/2503, connections made to the landing page for a Storefront Store i.e. https://example.com/Citrix/XenAppWeb, users experience a 6 second delay before the logon page fully loads...

Rapid7 Q1 2025 Incident Response Findings

Rapid7’s Q1 2025 incident response data highlights several key initial access vector IAV trends, shares salient examples of incidents investigated by the Rapid7 Incident Response IR team, and digs into threat data by industry as well as some of the more commonly seen pieces of malware appearing i...

Citrix DaaS: ICA Launch might fail because of Zone misconfiguration when Connectors are in LHC mode

Session Launch might fail because of Zone misconfiguration when Connectors are in LHC mode. The issue may occur if configured resources are in the Initial Zone. A Zone is equivalent to a resource location. When you create a resource location and install a Cloud Connector, a zone is automatically...

Keyed Chaotic Dynamics for Privacy-Preserving Neural Inference

Neural network inference typically operates on raw input data, increasing the risk of exposure during preprocessing and inference. Moreover, neural architectures lack efficient built-in mechanisms for directly authenticating input data. This work introduces a novel encryption method for ensuring...

kernel: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path

In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in kalmiasendinitpacket is uninitialized when passing it to the first usbbulkmsg error path. Jiri Pirko noted that it's pointless to pass it ...

CVE-2024-25679

In PQUIC before 5bde5bb, retention of unused initial encryption keys allows attackers to disrupt a connection with a PSK configuration by sending a CONNECTIONCLOSE frame that is encrypted via the initial key computed. Network traffic sniffing is needed as part of exploitation...

CVE-2023-42144

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password...