3516 matches found
EUVD-2023-44249
Malicious code in bioql PyPI...
EUVD-2023-26059
Malicious code in bioql PyPI...
EUVD-2024-27184
Malicious code in bioql PyPI...
EUVD-2024-38904
Malicious code in bioql PyPI...
EUVD-2023-49498
Malicious code in bioql PyPI...
EUVD-2024-17448
Malicious code in bioql PyPI...
EUVD-2024-2823
Malicious code in bioql PyPI...
SoK: Measuring What Matters for Closed-Loop Security Agents
Cybersecurity is a relentless arms race, with AI-driven offensive systems evolving faster than traditional defenses can adapt. Research and tooling remain fragmented across isolated defensive functions, creating blind spots that adversaries exploit. Autonomous agents capable of integrating, explo...
CVE-2023-53515
CVE-2023-53515 affects the Linux kernel virtio-mmio subsystem. The issue stems from allocating vm_dev with devres, which breaks the vm_dev lifecycle tied to a struct device; when the platform_device is removed, the memory is freed before vm_dev release, causing a use-after-free when the release c...
CVE-2023-53515 virtio-mmio: don't break lifecycle of vm_dev
In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vm_dev vm_dev has a separate lifecycle because it has a 'struct device' embedded. Thus, having a release callback for it is correct. Allocating the vm_dev struct with devres totally breaks this...
kernel: smb: client: fix use-after-free in cifs_oplock_break
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifs_oplock_break A race condition can occur in cifs_oplock_break leading to a use-after-free of the cinode structure when unmounting: cifs_oplock_break cifsFileInfoputcfile cifsFileInfoputfinal...
Moderate: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...
Security Bulletin: Due to the use of CKEditor, IBM Engineering Lifecycle Management - Jazz Foundation is affected by a Cross-Site scripting vulnerability
Summary Below vulnerability has been identified in CKEditor, which has been addressed by IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2023-4771 DESCRIPTION: A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15....
Linux Distros Unpatched Vulnerability : CVE-2023-53440
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix sysfs interface lifetime The current nilfs2 sysfs support has issues with the timing of creation and deletion of sysfs entries, potentially leading ...
KuppingerCole 2025: Why Thales is a Market Leader in API Security
APIs are the backbone of modern applications connecting critical microservices and enabling enterprises to turn data into context-aware business logic via AI across their digital services. As applications become more contextual, APIs expose the data, workflows, and model interactions attackers...
Static Security Vulnerability Scanning of Proprietary and Open-Source Software: an Adaptable Process with Variants and Results
Software vulnerabilities remain a significant risk factor in achieving security objectives within software development organizations. This is especially true where either proprietary or open-source software (OSS) is included in the technological environment. In this paper an end-to-end process with...
PT-2025-38459
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The nilfs2 sysfs support in the Linux kernel has issues with the timing of creation and deletion of sysfs entries. This can lead to null pointer dereferences, use-after-free conditions,...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper lifecycle management of the nilfs2 sysfs interface, which could lead to null pointer dereferencing...
CVE-2022-50259 bpf, sockmap: fix race in sock_map_free()
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sock_map_free() sock_map_free() calls release_sock(sk) without owning a reference on the socket. This can cause use-after-free as syzbot found [1]. Jakub Sitnicki already took care of a similar issue in sock_hash_free() i...
Important: Red Hat Security Advisory: aide security update
An update for aide is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...