Apple Safari Security Update (HT122285)

Apple Safari is prone to an out-of-bounds write vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari";...

Jailbreaking is (mostly) simpler than you think

Content warning: This blog post contains discussions of sensitive topics. These subjects may be distressing or triggering for some readers. Reader discretion is advised. Today, we are sharing insights on a simple, optimization-free jailbreak method called Context Compliance Attack CCA, that has...

Improperly Controlled Sequential Memory Allocation

Overview Affected versions of this package are vulnerable to Improperly Controlled Sequential Memory Allocation when Guard or TypeGuard objects are created in the GuardImpl and TypeGuardImpl classes in the metrics component. If these objects are created with no description, memory is allocated...

jinja2: Jinja sandbox breakout through attr filter selecting format method

A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...

Updated python-django packages fix security vulnerability

An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings. CVE-2025-26699...

Header Injection

org.apache.camel, camel-support is vulnerable to a Header Injection. The vulnerability is due to insufficient header filtering, where only headers starting with "Camel", "camel", or "org.apache.camel." are blocked, allows attackers to forge header names and manipulate method invocation in the...

Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups

Impact When using Babel to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement pattern strings i.e. the second argument passed to .replace. Your generated code is vulnerable if all the...

March 11, 2025—Hotpatch KB5053636 (OS Build 26100.3403)

None None...

CVE-2025-27432

CVE-2025-27432 concerns the SAP eDocument Cockpit (Inbound NF-e) in SAP Electronic Invoicing for Brazil. An authenticated attacker with certain privileges can call any transaction by executing a specific ABAP method and view inbound delivery details, as described by multiple sources. The vulnerab...

CVE-2025-1828

Crypt::Random Perl package 1.05 through 1.55 may use rand function, which is not cryptographically strong, for cryptographic functions. If the Provider is not specified and /dev/urandom or an Entropy Gathering Daemon egd service is not available Crypt::Random will default to use the...

CVE-2025-1920

Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT

Path Equivalence: 'file.Name' Internal Dot leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through...

CVE-2025-25940

VisiCut 2.1 allows code execution via Insecure XML Deserialization in the loadPlfFile method of VisicutModel.java...

CVE-2025-25940

VisiCut 2.1 allows code execution via Insecure XML Deserialization in the loadPlfFile method of VisicutModel.java...

BIT-DJANGO-2024-39329

An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password...

BIT-DJANGO-2024-53907

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The striptags method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities...

Jinja sandbox breakout through attr filter selecting format method

...

CVE-2025-25940

VisiCut 2.1 allows code execution via Insecure XML Deserialization in the loadPlfFile method of VisicutModel.java...

PT-2025-10599 · Visicut · Visicut

Name of the Vulnerable Software and Affected Versions: VisiCut version 2.1 Description: The issue allows code execution via insecure XML deserialization in the loadPlfFile method of VisicutModel.java. Recommendations: For VisiCut version 2.1, consider restricting the use of the loadPlfFile method...

CVE-2025-25763

crmeb CRMEB-KY v5.4.0 and before has a SQL Injection vulnerability at getRead in /system/SystemDatabackupServices.php...