drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe

...

On Darwin, user's trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate.

...

1965 Cryptanalysis Training Workbook Released by the NSA

In the early 1960s, National Security Agency cryptanalyst and cryptanalysis instructor Lambros D. Callimahos coined the term "Stethoscope" to describe a diagnostic computer program used to unravel the internal structure of pre-computer ciphertexts. The term appears in the newly declassified...

Linux Distros Unpatched Vulnerability : CVE-2021-41688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific...

Linux Distros Unpatched Vulnerability : CVE-2021-41687

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsing. Sending...

Linux Distros Unpatched Vulnerability : CVE-2021-41689

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even...

CVE-2025-53247

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpinterface BlogMarks blogmarks allows PHP Local File Inclusion.This issue affects BlogMarks: from n/a through = 1.0.8...

MAL-2025-41498 Malicious code in @twork-data-services/loyalty-program-names (npm)

--- -= Per source details. Do not edit below this line.=-...

Mitsubishi Electric MELSEC iQ-F Series CPU Module

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker the ability to obtain credential information by intercepting SLMP communication messages, and read or write the device values of the product by using the obtained credential information. In addition, the...

Linux Distros Unpatched Vulnerability : CVE-2019-20628

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a Use- After-Free vulnerability in gfm2tsprocesspmt in...

Linux Distros Unpatched Vulnerability : CVE-2021-3013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ripgrep before 13 on Windows allows attackers to trigger execution of arbitrary programs from the current working directory via the -z/--search-zip or --pre fla...

CVE-2025-0078

In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-8447

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed users with access to any repository to retrieve limited code content from another repository by creating a diff between the repositories. To exploit this vulnerability, an attacker needed to know the...

CISA: FY 2025 Tribal Cybersecurity Grant Program FAQs

This is the CISA FAQ for the Tribal Cybersecurity Grant Program TCGP which assists eligible Tribal governments addressing cybersecurity risks and threats to their information systems. This is an updated copy...

CVE-2025-57105

The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute arbitrary commands on the device. The sub478D28 function in in mngplatform.asp, and sub4A12DC function in wayosacserver.asp of the jhttpd program, with the parameter acmngsrvhost...

AZL-66644 CVE-2025-38640 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Disable migration in nfhookrunbpf. syzbot reported that the netfilter bpf prog can be called without migration disabled in xmit path. Then the assertion in bpfprogrun fails, triggering the splat below. 0 Let's use...

UBUNTU-CVE-2025-38640

In the Linux kernel, the following vulnerability has been resolved: bpf: Disable migration in nfhookrunbpf. syzbot reported that the netfilter bpf prog can be called without migration disabled in xmit path. Then the assertion in bpfprogrun fails, triggering the splat below. 0 Let's use...

CVE-2025-38640

In the Linux kernel, the following vulnerability has been resolved: bpf: Disable migration in nfhookrunbpf. syzbot reported that the netfilter bpf prog can be called without migration disabled in xmit path. Then the assertion in bpfprogrun fails, triggering the splat below. 0 Let's use...

[SECURITY] Fedora 41 Update: socat-1.8.0.3-1.fc41

Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc., th...

[SECURITY] Fedora 42 Update: socat-1.8.0.3-1.fc42

Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc., th...