10073 matches found
SUSE CVE-2025-38302
In the Linux kernel, the following vulnerability has been resolved: block: don't use submitbionoacctnocheck in blkzonewplugbiowork Bios queued up in the zone write plug have already gone through all all preparation in the submitbio path, including the freeze protection. Submitting them through...
ALPINE-CVE-2025-23048
In some modssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when modssl is configured for multiple virtual hosts, with each restricted to a different set of...
UBUNTU-CVE-2025-23048
In some modssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when modssl is configured for multiple virtual hosts, with each restricted to a different set of...
UBUNTU-CVE-2025-38302
In the Linux kernel, the following vulnerability has been resolved: block: don't use submitbionoacctnocheck in blkzonewplugbiowork Bios queued up in the zone write plug have already gone through all all preparation in the submitbio path, including the freeze protection. Submitting them through...
PT-2025-29046
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc7 Description: A flaw was discovered in the Linux kernel related to the MPLS Multiprotocol Label Switching implementation. Specifically, the mpls route input rcu function could be called from within an...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netsched: Flush gsoskb list too during -change CVE-2025-37992 In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: fix race condition in unaccepted memory handling CVE-2025-38008 In th...
podman: podman missing TLS verification
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack...
AdeptHEQ-FL: Adaptive Homomorphic Encryption for Federated Learning of Hybrid Classical-Quantum Models with Dynamic Layer Sparing
Federated Learning FL faces inherent challenges in balancing model performance, privacy preservation, and communication efficiency, especially in non-IID decentralized environments. Recent approaches either sacrifice formal privacy guarantees, incur high overheads, or overlook quantum-enhanced...
USN-7627-2 linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - Block layer subsystem; - ACPI drivers; - NILFS2 file system; - File systems infrastructure;...
USN-7627-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - Block layer subsystem; - ACPI drivers; - NILFS2 file system; - File systems infrastructure;...
podman: podman missing TLS verification
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack...
USN-7627-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - Block layer subsystem; - ACPI drivers; - NILFS2 file system; - File systems infrastructure;...
USN-7627-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - Block layer subsystem; - ACPI drivers; - NILFS2 file system; - File systems infrastructure;...
USN-7594-3 linux-aws, linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - PowerPC architecture; - RISC-V architecture; - User-Mode Linux UML; - x...
CVE-2024-31853
A vulnerability has been identified in SICAM TOOLBOX II All versions V07.11. During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check the extended key usage attribute of that device's certificate. This could allow an attacker to...
A Survey on Artificial Noise for Physical Layer Security: Opportunities, Technologies, Guidelines, Advances, and Trends
Due to the broadcast nature of wireless communications, physical-layer security has attracted increasing concerns from both academia and industry. Artificial noise AN, as one of the promising physical-layer security techniques, is capable of utilizing the spatial degree-of-freedom of channels to...
SAP NetWeaver Application Server Java 安全漏洞
SAP NetWeaver Application Server Java is an application server from SAP Germany that provides a Java runtime environment. The product is primarily used for developing and running Java EE applications. A security vulnerability exists in SAP NetWeaver Application Server Java that stems from...
webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild()
A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely...
webkitgtk: heap-buffer-overflow in WebCore::TextureMapperLayer::setContentsLayer
REJECTED CVE In WebKitGTK through 2.36.0 and WPE WebKit, there is a use-after-free in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp...
webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution
A heap buffer overflow vulnerability was found in WebKitGTK. The vulnerability occurs when processing or rendering HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a heap buffer overflow error and leading to the...