CVE-2025-46738

CVE-2025-46738 affects Schweitzer Engineering Laboratories SEL-5033 acSELerator RTAC Software. An authenticated attacker can modify layout data files located in the SEL-5033 installation directory to execute arbitrary code. This is a local access vulnerability with low privileges required and use...

Schweitzer Engineering Laboratories SEL-5033 acSELerator RTAC Software 安全漏洞

Schweitzer Engineering Laboratories SEL-5033 acSELerator RTAC Software is a graphical, easy-to-use tool from Schweitzer Engineering Laboratories, Inc. that helps users quickly and easily configure the SEL Real-Time Automation Controller RTAC quickly and easily. A security vulnerability exists in...

PT-2025-20751 · Apple · Macos Sonoma +3

Name of the Vulnerable Software and Affected Versions: macOS Ventura versions prior to 13.7.6 macOS Sequoia versions prior to 15.5 macOS Sonoma versions prior to 14.7.6 Description: The issue allows an app to bypass Address Space Layout Randomization ASLR, which is a security feature designed to...

harfbuzz security update

An update is available for harfbuzz. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list HarfBuzz is an implementation of the OpenType Layout engine. Security Fixes:...

RLSA-2024:2410 Moderate: harfbuzz security update

HarfBuzz is an implementation of the OpenType Layout engine. Security Fixes: harfbuzz: allows attackers to trigger On^2 growth via consecutive marks CVE-2023-25193 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...

harfbuzz security update

An update is available for harfbuzz. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list HarfBuzz is an implementation of the OpenType Layout engine. Security Fixes:...

RLSA-2024:2980 Moderate: harfbuzz security update

HarfBuzz is an implementation of the OpenType Layout engine. Security Fixes: harfbuzz: allows attackers to trigger On^2 growth via consecutive marks CVE-2023-25193 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer...

Enable Kernel ASLR

Address-space layout randomization ASLR randomly arranges the positions of the stack, function libraries, and programs to slightly different positions each time. As a result, the correct positions cannot be guessed, and buffer overflow attacks fail. In the Linux kernel, ASLR is classified into...

Malicious code in @sporta-technology/dream11_msd.tab-layout (npm)

--- -= Per source details. Do not edit below this line.=-...

SUSE CVE-2025-22069

In the Linux kernel, the following vulnerability has been resolved: riscv: fgraph: Fix stack layout to match archftraceregs argument of ftracereturntohandler Naresh Kamboju reported a "Bad frame pointer" kernel warning while running LTP trace ftracestresstest.sh in riscv. We can reproduce the sam...

DEBIAN-CVE-2025-22069

In the Linux kernel, the following vulnerability has been resolved: riscv: fgraph: Fix stack layout to match archftraceregs argument of ftracereturntohandler Naresh Kamboju reported a "Bad frame pointer" kernel warning while running LTP trace ftracestresstest.sh in riscv. We can reproduce the sam...

CVE-2025-22069

In the Linux kernel, the following vulnerability has been resolved: riscv: fgraph: Fix stack layout to match archftraceregs argument of ftracereturntohandler Naresh Kamboju reported a "Bad frame pointer" kernel warning while running LTP trace ftracestresstest.sh in riscv. We can reproduce the sam...

UBUNTU-CVE-2025-22069

In the Linux kernel, the following vulnerability has been resolved: riscv: fgraph: Fix stack layout to match archftraceregs argument of ftracereturntohandler Naresh Kamboju reported a "Bad frame pointer" kernel warning while running LTP trace ftracestresstest.sh in riscv. We can reproduce the sam...

CVE-2025-22069 riscv: fgraph: Fix stack layout to match __arch_ftrace_regs argument of ftrace_return_to_handler

In the Linux kernel, the following vulnerability has been resolved: riscv: fgraph: Fix stack layout to match archftraceregs argument of ftracereturntohandler Naresh Kamboju reported a "Bad frame pointer" kernel warning while running LTP trace ftracestresstest.sh in riscv. We can reproduce the sam...

CVE-2025-22069

The CVE-2025-22069 entry concerns a Linux kernel riscv fgraph issue where stack layout for ftrace_return_to_handler argument did not match __arch_ftrace_regs, causing a Bad frame pointer warning. Affected component: riscv ftrace path in kernel/trace/fgraph.c; root cause: mismatch between the cons...

CVE-2025-22069

In the Linux kernel, the following vulnerability has been resolved: riscv: fgraph: Fix stack layout to match archftraceregs argument of ftracereturntohandler Naresh Kamboju reported a "Bad frame pointer" kernel warning while running LTP trace ftracestresstest.sh in riscv. We can reproduce the sam...

PT-2025-16709 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the stack layout for constructing arguments for the ftrace return to handler function in the return t...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a stack layout mismatch that could lead to a frame pointer error...

Cybersecurity through Entropy Injection: a Paradigm Shift from Reactive Defense to Proactive Uncertainty

Cybersecurity often hinges on unpredictability, with a system's defenses being strongest when sensitive values and behaviors cannot be anticipated by attackers. This paper explores the concept of entropy injection-deliberately infusing randomness into security mechanisms to increase...

BIT-PHP-MIN-2024-11235 Reference counting in php_request_shutdown causes Use-After-Free

In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the...