Exploit for Out-of-bounds Write in Fortinet Fortimail

Blackash-CVE-2025-32756 CVE-2025-32756 'Fortinet' RCE PoC ‼...

Security advisory: Recently discovered issue in qDecodeDataUrl() in QtCore impacts Qt

An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. This has been assigned the CVE id CVE-2025-5455. Affected versions: All version of Qt up to and including 5.15.18, from 6.0.0 through 6.5.8,...

RHSA-2025:8348 Red Hat Security Advisory: kpatch-patch-4_18_0-305_120_1, kpatch-patch-4_18_0-305_138_1, kpatch-patch-4_18_0-305_145_1, and kpatch-patch-4_18_0-305_150_1 security update

Bulletin has no description...

RHSA-2025:8345 Red Hat Security Advisory: kpatch-patch-4_18_0-553, kpatch-patch-4_18_0-553_16_1, kpatch-patch-4_18_0-553_30_1, and kpatch-patch-4_18_0-553_40_1 security update

Bulletin has no description...

CVE-2024-23187

Content-ID based embedding of resources in E-Mails could be abused to trigger client-side script code when using the "show more" option. Attackers could perform malicious API requests or extract information from the users account. Exploiting the vulnerability requires user interaction. Please...

CVE-2023-41265

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...

CVE-2022-41891

TensorFlow is an open source platform for machine learning. If tf.rawops.TensorListConcat is given elementshape=, it results segmentation fault which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit fc33f3dc4c14051a83eec6535b608abe1d355fde. The fix wil...

CVE-2021-29589

TensorFlow is an end-to-end open source platform for machine learning. The reference implementation of the GatherNd TFLite operator is vulnerable to a division by zero...

Metasploit Wrap-Up

Making Metasploit faster This week's wrap-up includes many new modules, but notably, we've upgraded Metasploit loading. Thanks to bcoles, the bootup performance when searching for a module has been increased in 20166. Also, we've reduced Metasploit startup time - in 20155. New module content 6...

CVE-2012-3009

Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls...

Alibaba Cloud Linux 3 : 0118: java-11-openjdk (ALINUX3-SA-2023:0118)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0118 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-22006: Vulnerability in the Oracl...

Alibaba Cloud Linux 3 : 0173: java-17-openjdk (ALINUX3-SA-2022:0173)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0173 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-21618: Vulnerability in the Oracl...

UBUNTU-CVE-2025-37889

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Consistently treat platformmax as control value This reverts commit 9bdd10d57a88 "ASoC: ops: Shift tested values in sndsocputvolsw by +min", and makes some additional related updates. There are two ways the platformmax...

CVE-2025-46712

CVE-2025-46712 describes an SSH handshake hardening bypass in Erlang/OTP: prior to OTP-27.3.4, OTP-26.2.5.12, and OTP-25.3.2.21, the SSH KEX handshake allows optional messages to be exchanged, enabling a MITM attacker to inject messages during the handshake. The issue has been patched in OTP-27.3...

CVE-2025-46712

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 for OTP-25, Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This...

CVE-2023-53109

CVE-2023-53109 : Linux kernel vulnerability in net: tunnels where IP tunnels may update dev->needed_headroom in the xmit path, causing a data race (KCSAN) in ip_tunnel_xmit and related paths. The patch annotates lockless accesses to dev->needed_headroom for three tunnels’ xmit paths and als...

CVE-2025-32972 The lesscss script service allows cache clearing without programming right

XWiki is a generic wiki platform. In versions starting from 6.1-milestone-1 to before 15.10.12, from 16.0.0-rc-1 to before 16.4.3, and from 16.5.0-rc-1 to before 16.8.0-rc-1, the script API of the LESS compiler in XWiki is incorrectly checking for rights when calling the cache cleaning API, makin...

Amazon Linux 2 : ghostscript (ALAS-2025-2820)

The version of ghostscript installed on the remote host is prior to 9.54.0-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2820 advisory. Fix confusion between bytes and shorts. Data is being copied from a string in multiple of shorts, rather than multipl...

CVE-2025-30205 kanidm-provision leaks provisioned admin credentials into the system log

kanidim-provision is a helper utility that uses kanidm's API to provision users, groups and oauth2 systems. Prior to version 1.2.0, a faulty function intrumentation in the optional kanidm patches provided by kandim-provision will cause the provisioned admin credentials to be leaked to the system...

Important: Red Hat Security Advisory: kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, kpatch-patch-5_14_0-427_44_1, and kpatch-patch-5_14_0-427_55_1 security update

An update for kpatch-patch-5140-427131, kpatch-patch-5140-427311, kpatch-patch-5140-427441, and kpatch-patch-5140-427551 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common...