PT-2025-51038

Name of the Vulnerable Software and Affected Versions Apple products affected versions not specified Description A permissions issue was identified and addressed through the implementation of additional restrictions. Recommendations At the moment, there is no information about a newer version tha...

OpenPLC_V3 (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in the alteration of PLC settings or the upload of malicious programs. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

EUVD-2025-202117

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in trippleS Digiqole digiqole allows PHP Local File Inclusion.This issue affects Digiqole: from n/a through 2.2.7...

KB5074353: Security Update for Windows PowerShell (OS Build 20348.4467)

KB5074353: Security Update for Windows PowerShell OS Build 20348.4467 For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows Server 2022, see the update history page for Windows Server 2022.Be sure to...

Schneider Electric EcoStruxure Foxboro DCS Advisor

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

KB5074204: Security Update for Windows PowerShell (OS Builds 26100.7392 and 26200.7392)

KB5074204: Security Update for Windows PowerShell OS Builds 26100.7392 and 26200.7392 For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows 11, see the update history pages for Windows 11, version 24H2 a...

CVE-2022-50654

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix panic due to wrong pageattr of im-image In the scenario where livepatch and kretfunc coexist, the pageattr of im-image is rox after archpreparebpftrampoline in bpftrampolineupdate, and then modifyfentry or registerfentry...

CVE-2025-14259

A vulnerability was found in Jihai Jshop MiniProgram Mall System 2.9.0. Affected by this issue is some unknown functionality of the file /index.php/api.html. The manipulation of the argument catid results in sql injection. The attack may be launched remotely. The exploit has been made public and...

CVE-2025-14259 Jihai Jshop MiniProgram Mall System api.html sql injection

A vulnerability was found in Jihai Jshop MiniProgram Mall System 2.9.0. Affected by this issue is some unknown functionality of the file /index.php/api.html. The manipulation of the argument catid results in sql injection. The attack may be launched remotely. The exploit has been made public and...

CVE-2025-65082 Apache HTTP Server: CGI environment variable override

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HTTP Server from 2.4.0 through...

Linux Distros Unpatched Vulnerability : CVE-2025-65407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the MPEG1or2Demux::newElementaryStream function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via...

PBFuzz: Agentic Directed Fuzzing for PoV Generation

Proof-of-Vulnerability PoV input generation is a critical task in software security and supports downstream applications such as path generation and validation. Generating a PoV input requires solving two sets of constraints: 1 reachability constraints for reaching vulnerable code locations, and ...

Moderate: Red Hat Security Advisory: systemd security update

An update for systemd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2025-66476

An uncontrolled search-path vulnerability in Vim for Microsoft Windows allows an attacker who can place a trojanized executable in a directory opened by the user to cause Vim to run that executable when Vim invokes external commands for example :grep, :!, filters !, :make, or system in Vimscript...

SUSE CVE-2025-65407

A use-after-free in the MPEG1or2Demux::newElementaryStream function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG Program stream...

RHSA-2025:22445 Red Hat Security Advisory: gimp security update

Bulletin has no description...

gimp:2.8 security update

An update is available for pygtk2, module.gimp, module.python2-pycairo, gimp, module.pygobject2, pygobject2, python2-pycairo, module.pygtk2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

EUVD-2025-200094

A use-after-free in the MPEG1or2Demux::newElementaryStream function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG Program stream...

CVE-2025-65407

A use-after-free in the MPEG1or2Demux::newElementaryStream function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG Program stream...

CVE-2025-65407

A use-after-free in the MPEG1or2Demux::newElementaryStream function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG Program stream...