CVE-2025-56801

The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization Vector IV in its AES-CFB encryption implementation allowing attackers with access to the application environment to reliably decrypt encrypted configuration data. NOTE: the Supplier's position is that...

CVE-2025-56801

The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization Vector IV in its AES-CFB encryption implementation allowing attackers with access to the application environment to reliably decrypt encrypted configuration data. NOTE: the Supplier's position is that...

EUVD-2022-54718

In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: fix the pagelist corruption Easily hit the below list corruption: == listadd corruption. prev-next should be next ffffffffc0ceb090, but was ffffec604507edc8. prev=ffffec604507edc8. WARNING: CPU: 65 PID: 3959 at...

EUVD-2022-54851

In the Linux kernel, the following vulnerability has been resolved: sfc: fix considering that all channels have TX queues Normally, all channels have RX and TX queues, but this is not true if modparam efxseparatetxchannels=1 is used. In that cases, some channels only have RX queues and others onl...

EUVD-2022-55009

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xxsendabortall, the nelem field of the ccb used is not initialized to 0. This missing initialization sometimes lead to the task completion path seeing the ccb with a non-zero...

CVE-2025-56801

The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization Vector IV in its AES-CFB encryption implementation allowing attackers with access to the application environment to reliably decrypt encrypted configuration data. NOTE: the Supplier's position is that...

EUVD-2025-35229

The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization Vector IV in its AES-CFB encryption implementation allowing attackers with access to the application environment to reliably decrypt encrypted configuration data...

CVE-2025-56801

The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization Vector IV in its AES-CFB encryption implementation allowing attackers with access to the application environment to reliably decrypt encrypted configuration data. NOTE: the Supplier's position is that...

CVE-2025-56801

The Red Hat advisories describe CVE-2025-56801 as a vulnerability in the Reolink Desktop Application 8.18.12 where hardcoded hard-coded credentials function as the Initialization Vector (IV) in AES-CFB encryption, enabling local attackers to decrypt sensitive configuration data stored under %APPD...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987653)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987653 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add stagwork to all the vports Call trace seen when creating NPIV ports, only 32 out ...

AMD TPM Reference Implementation June 2025 Security Update

AMD has informed HP of a potential security vulnerability identified in AMD Firmware TPM fTPM, which might allow information disclosure and/or denial of service. AMD has released Platform Initialization PI firmware to mitigate the vulnerability. AMD has released updates to mitigate the potential...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987519)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987519 advisory. In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6devfree from sitinitnet ipip6devfree is sit dev-privdestructor, already...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987610 advisory. In the Linux kernel, the following vulnerability has been resolved: gpio: Restrict usage of GPIO chip irq members before initialization GPIO chip irq members are...

USN-7826-2: Samba vulnerabilities

USN-7826-1 fixed vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Andrew Walker discovered that Samba incorrectly initialized memory in the vfsstreamsxattr module. An...

USN-7826-2 samba vulnerabilities

USN-7826-1 fixed vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Andrew Walker discovered that Samba incorrectly initialized memory in the vfsstreamsxattr module. An...

kernel: crypto: seqiv - Handle EBUSY correctly

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify...

ALSA-2025:18297 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors CVE-2025-39757 kernel: ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol CVE-2025-39751 kernel: crypto: seqiv - Handle...

JLSEC-2025-143 A flaw was found in FFmpeg's HLS playlist parsing

A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization...

Colliding with Adversaries at ECML-PKDD 2025 Adversarial Attack Competition 1st Prize Solution

This report presents the winning solution for Task 1 of Colliding with Adversaries: A Challenge on Robust Learning in High Energy Physics Discovery at ECML-PKDD 2025. The task required designing an adversarial attack against a provided classification model that maximizes misclassification while...

Ubuntu: Security Advisory (USN-7826-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...