CVE-2025-8916 Possible DOS in processing large name constraint structures in PKIXCertPathReveiwer

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All API modules allows Excessiv...

Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality

Summary It is possible to bypass the mitigation introduced in response to CVE-2025-1550, when an untrusted Keras v3 model is loaded, even when “safemode” is enabled, by crafting malicious arguments to built-in Keras modules. The vulnerability is exploitable on the default configuration and does n...

GHSA-67MF-3CR5-8W23 Bouncy Castle for Java on All (API modules) allows Excessive Allocation

A resource allocation vulnerability exists in Bouncy Castle for Java by Legion of the Bouncy Castle Inc. that affects all API modules. The vulnerability allows attackers to cause excessive memory allocation through unbounded resource consumption, potentially leading to denial of service. The issu...

CVE-2024-41986

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application support insecure TLS 1.0 and 1.1 protocol. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data...

CVE-2024-41985

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle...

CVE-2024-41980

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application do not encrypt the communication in LDAP interface by default. This could allow an authenticated attacker to gain unauthorized access to sensitive...

CVE-2024-41982

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not have adequate encryption of sensitive information. This could allow an authenticated attacker to gain access of sensitive information...

CVE-2024-41984

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application improperly handles error while accessing an inaccessible resource leading to exposing the system applications...

CVE-2024-41979

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not enforce mandatory authorization on some functionality level at server side. This could allow an authenticated attacker to gain complete acce...

CVE-2024-41984

CVE-2024-41984 affects SmartClient modules Opcenter QL Home, SOA Audit, and SOA Cockpit (SC) with versions 13.2–2505. The root cause is improper error handling when accessing an inaccessible resource, which can expose system applications. Affected products expose limited information due to error ...

CVE-2024-41983

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application displays SQL statement in the error messages encountered during the generation of reports using Cockpit tool...

CVE-2024-41980

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application do not encrypt the communication in LDAP interface by default. This could allow an authenticated attacker to gain unauthorized access to sensitive...

CVE-2025-8885

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files...

UBUNTU-CVE-2025-8885

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files...

cn.loyom.boot:loyom-boot-cache (=1.0.0-JDK21), cn.loyom.boot:loyom-boot-common (=1.0.0-JDK21) +162 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-lts8on (>=2.73.0 <=2.73.4)

org.bouncycastle:bcprov-lts8on MAVEN version =2.73.0, =2.73.4 is affected by a known vulnerability. The following packages have a transitive dependency on org.bouncycastle:bcprov-lts8on and may be impacted: - cn.loyom.boot:loyom-boot-cache =1.0.0-JDK21 - cn.loyom.boot:loyom-boot-common =1.0.0-JDK...

Huawei EulerOS: Security Advisory for libcap (EulerOS-SA-2025-1933)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2025-37845

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing: fprobe events: Fix possible UAF on modules Commit ac91052f0ae5 tracing:...

Linux Distros Unpatched Vulnerability : CVE-2020-1746

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible...

[SECURITY] Fedora 41 Update: perl-5.40.3-517.fc41

Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

Linux Distros Unpatched Vulnerability : CVE-2021-35039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIGMODULESIG, verification that a kernel...