Lessons from Smart Switching: Rethinking Security and Performance

Microsegmentation built directly into the network infrastructure means that stronger network security no longer equals slower systems...

AZL-71441 CVE-2025-12084 affecting package python3 for versions less than 3.9.19-19

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

CVE-2025-66399

Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community strings containing control characters including newlines that are...

WordPress TNC Toolbox: Web Performance plugin <= 2.0.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin TNC Toolbox: Web Performance versions = 2.0.4...

org.apache.skywalking:apache-skywalking-apm (>=6.1.0 <=10.1.0), org.apache.skywalking:apache-skywalking-apm-es7 (>=6.6.0 <=8.7.0) +1 more potentially affected by CVE-2025-54057 via org.apache.skywalking:apm-webapp (>=10.0.1 <=9.7.0)

org.apache.skywalking:apm-webapp MAVEN version =10.0.1, =6.1.0, =6.6.0, =6.0.0-GA, =6.0.0-beta Source cves: CVE-2025-54057 Source advisory: SNYK:JAVA-ORGAPACHESKYWALKING-14220413...

CLSA-2025-1764151168 kernel: Fix of 39 CVEs

perf/aux: Fix AUX buffer serialization CVE-2024-46713 - block: fix uaf for flush rq while iterating tags CVE-2024-53170 - zram: fix potential UAF of zram table CVE-2025-21671 - sched: schcake: add bounds checks to host bulk flow fairness counts CVE-2025-21647 - bpf: Fix UAF via mismatching...

Digital Twin-Driven Secure Access Strategy for SAGIN-Enabled IoT Networks

In space-air-ground integrated networks SAGIN-enabled IoT networks, secure access has become a significant challenge due to the increasing risks of eavesdropping attacks. To address these threats to data confidentiality, this paper proposes a Digital Twin DT-driven secure access strategy. The...

Synthetic Data: AI'S New Weapon against Android Malware

The ever-increasing number of Android devices and the accelerated evolution of malware, reaching over 35 million samples by 2024, highlight the critical importance of effective detection methods. Attackers are now using Artificial Intelligence to create sophisticated malware variations that can...

PT-2025-53005

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel related to the handling of Online Performance Points OPP within the devfreq subsystem for HiSilicon platforms. The issue arises from a...

CVE-2025-66108

Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...

EUVD-2025-198446

Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...

CVE-2025-66108

Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...

CVE-2025-66108 WordPress TNC Toolbox: Web Performance plugin <= 2.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...

CVE-2025-66108

CVE-2025-66108 concerns the WordPress plugin Merlot Digital TNC Toolbox: Web Performance (versions

CVE-2025-66108 WordPress TNC Toolbox: Web Performance plugin <= 2.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...

WordPress plugin TNC Toolbox: Web Performance 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-47770

Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...

What is CTEM? Your Guide to Reducing Cyber Risk

Trying to explain security priorities to your board using CVSS scores is a tough sell. A long list of technical flaws doesn't translate to business impact, making it difficult to justify budgets and get buy-in for critical initiatives. Security leaders need a better way to frame the conversation...

PT-2025-47607

Name of the Vulnerable Software and Affected Versions Open OnDemand versions prior to 4.0.8 Open OnDemand versions prior to 3.1.16 Description Open OnDemand packages create world writable locations in the GEM PATH prior to versions 4.0.8 and 3.1.16. This could allow unauthorized modification of...

Google Chrome < 122.0.6261.128 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 122.0.6261.128. It is, therefore, affected by a vulnerability as referenced in the 202403stable-channel-update-for-desktop12 advisory. - Use after free in Performance Manager in Google Chrome prior to 122.0.6261.128 allow...