CVE-2025-43433

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to memory corruption...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm, an American company. A security vulnerability exists in Qualcomm Chipsets that stems from an information disclosure when processing an invalid payload from a client...

CVE-2025-52910

An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1330, 1380, 1480, 2400. A Use-After-Free leads to privilege escalation...

CVE-2025-54330

CVE-2025-54330 affects Samsung Mobile Processor Exynos 1380 (NPU) with an out-of-bounds read in the __is_done_for_me function, through July 2025. Vulnerable component: NPU inside the Exynos 1380 SoC. Impact as per CVSS: Medium (5.3), networked, requires no user interaction, no privileges. No fixe...

PT-2025-45023

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor Exynos versions through July 2025 Description An issue exists in the NPU within Samsung Mobile Processor Exynos. A NULL pointer dereference occurs within the npu vertex profileoff function, specifically affecting...

PT-2025-44932

Name of the Vulnerable Software and Affected Versions versions prior to 2025 Description A memory corruption issue exists when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing. This can lead to a buffer over-read in the DSP Service. Recommendations At the...

CVE-2025-54333

The CVE-2025-54333 issue is in Samsung Mobile Processor Exynos 1380’s NPU, described as an Invalid Pointer Dereference in the get_vs4l_profiler_node function. Connected sources (e.g., PT-2025-45024, Red Hat/NVD/CVE listings) corroborate the vulnerability but do not provide concrete exploit detail...

PT-2025-45021

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor Exynos versions through July 2025 Description An out-of-bounds read issue exists in the NPU of Samsung Mobile Processor Exynos. Specifically, the issue resides in the is done for me function, involving a read of q-bufs...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when processing requests sent by GVM...

CVE-2025-54333

An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Invalid Pointer Dereference of node in the getvs4lprofilernode function...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when an invalid userspace address is dereferenced during MCDM IOCTL processing...

Create Self-Improving AI Agents Using Spring AI Recursive Advisors

The Spring AI ChatClient offers a fluent API for communicating with an AI model. The fluent API provides methods for building the constituent parts of a prompt that gets passed to the AI model as input. Advisors are a key part of the fluent API that intercept, modify, and enhance AI-driven...

dspy 安全漏洞

dspy is a Stanford NLP open source artificial intelligence framework for programming. A security vulnerability exists in dspy that stems from an overly lax sandbox configuration that could allow an attacker to steal sensitive files...

PT-2025-45022

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor Exynos 1380 through July 2025 Description An issue exists in the NPU component of Samsung Mobile Processor Exynos. Specifically, an untrusted pointer dereference of src hdr occurs within the copy ncp header function...

CVE-2025-12531 IBM InfoSphere Information Server is affected by an XML external entity injection (XXE) vulnerability

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

CLSA-2025-1762181946 frr: Fix of CVE-2023-38406

CVE-2023-38406: fix BGP Flowspec NLRI overflow vulnerability where zero-length packets could cause packet processing errors...

Important: Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)

Red Hat Enterprise Linux AI 1.5 NVIDIA is now available. Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models LLMs for enterprise applications...

EUVD-2025-37466

A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. This issue affects some unknown processing of the file /ajax.php. The manipulation results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be...

About the security content of Safari 26.1

About the security content of Safari 26.1 This document describes the security content of Safari 26.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

Detecting Vulnerabilities from Issue Reports for Internet-Of-Things

Timely identification of issue reports reflecting software vulnerabilities is crucial, particularly for Internet-of-Things IoT where analysis is slower than non-IoT systems. While Machine Learning ML and Large Language Models LLMs detect vulnerability-indicating issues in non-IoT systems, their I...