Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: removed gfxv110cpeccerrorirqfuncs The gfx.cpeccerrorirq has been removed from gfx11. In gfxv110hwfini, amdgpuirqput is still used to disable this interrupt, which caused the call trace in this function. 102.873958...

SUSE CVE-2026-31656

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: fix refcount underflow in intelengineparkheartbeat A use-after-free / refcount underflow is possible when the heartbeat worker and intelengineparkheartbeat race to release the same engine-heartbeat.systole request. T...

CVE-2026-31656

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: fix refcount underflow in intelengineparkheartbeat A use-after-free / refcount underflow is possible when the heartbeat worker and intelengineparkheartbeat race to release the same engine-heartbeat.systole request. T...

Betterment data breach might be worse than we thought

Betterment LLC is an investment advisor registered with US Securities and Exchange Commission SEC. The company disclosed a January 2026 incident in which an attacker used social engineering to access a third‑party platform used for customer communications, then abused it to send crypto‑themed...

CVE-2025-59886

The CVE-2025-59886 issue affects Eaton xComfort ECI, specifically improper input validation at a web interface endpoint. This could allow a network-adjacent attacker to execute privileged commands on the device. Multiple sources corroborate a high-severity impact (CVSS 3.1: Network access, Privil...

Managed TLS under Migration: Authentication Authority across CDN and Hosting Transitions

Managed TLS has become a common approach for deploying HTTPS, with platforms generating and storing private keys and automating certificate issuance on behalf of domain operators. This model simplifies operational management but shifts control of authentication material from the domain owner to t...

X Warns Users With Security Keys to Re-Enroll Before November 10 to Avoid Lockouts

Social media platform X is urging users who have enrolled for two-factor authentication 2FA using passkeys and hardware security keys like Yubikeys to re-enroll their key to ensure continued access to the service. To that end, users are being asked to complete the re-enrollment, either using thei...

X to Retire Twitter.com, Users Must Re-Register Security Keys by Nov 10

X formerly Twitter is asking users with security keys to re-enroll by Nov 10 as it moves logins from twitter.com to x.com for continued 2FA access...

CVE-2025-61581

UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...

CVE-2023-53628 drm/amdgpu: drop gfx_v11_0_cp_ecc_error_irq_funcs

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: drop gfxv110cpeccerrorirqfuncs The gfx.cpeccerrorirq is retired in gfx11. In gfxv110hwfini still use amdgpuirqput to disable this interrupt, which caused the call trace in this function. 102.873958 Call Trace:...

EUVD-2018-17614

Malware in sbrugna...

FreeBSD : quiche -- Infinite loop triggered by connection ID retirement (32bdeb94-9958-11f0-b6e2-6805ca2fa271)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 32bdeb94-9958-11f0-b6e2-6805ca2fa271 advisory. Quiche Releases reports: This update includes 1 security fix: Tenable has extracted the preceding...

CVE-2025-53192

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue​, the OGNL engine parses and evaluates the provided expression with powerful capabilities...

quiche connection ID retirement can trigger an infinite loop

Impact Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRECONNECTIONID frames. QUIC connections possess a set of connection identifiers IDs; see Section 5.1 of RFC 9000. Once the QUIC handshake completes, a local endpoint is responsible for...

CVE-2025-7054

Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRECONNECTIONID frames. QUIC connections possess a set of connection identifiers IDs; see Section 5.1 of RFC 9000 https://datatracker.ietf.org/doc/html/rfc9000section-5.1 . Once the QUIC...

CVE-2025-7054 Infinite loop triggered by connection ID retirement

Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRECONNECTIONID frames. QUIC connections possess a set of connection identifiers IDs; see Section 5.1 of RFC 9000 https://datatracker.ietf.org/doc/html/rfc9000section-5.1 . Once the QUIC...

CVE-2025-7054

The CVE-2025-7054 entry concerns Cloudflare’s quiche QUIC/TLS library, where an unauthenticated attacker can trigger an infinite loop by sending RETIRE_CONNECTION_ID frames. The issue arises from how retirement across paths can synchronize multiple active connection IDs, allowing a retirement fra...

quiche -- Infinite loop triggered by connection ID retirement

Quiche Releases reports: This update includes 1 security fix: High CVE-2025-7054: Infinite loop triggered by connection ID retirement. Reported by Catena cyber on 2025-08-07...

Hotfix update for Exchange Server 2019 CU14 HU5: May 29, 2025 (KB5057652)

Hotfix update for Exchange Server 2019 CU14 HU5: May 29, 2025 KB5057652 Hotfix update for Microsoft Exchange Server 2019 CU14 HU5 was released on May 29, 2025. It includes fixes for nonsecurity issues and introduces new features. These fixes and features will also be included in later cumulative...

Hotfix update for Exchange Server 2019 CU15 HU2: May 29, 2025 (KB5057651)

Hotfix update for Exchange Server 2019 CU15 HU2: May 29, 2025 KB5057651 Hotfix update for Microsoft Exchange Server 2019 CU15 HU2 was released on May 29, 2025. It includes fixes for nonsecurity issues and introduces new features. These fixes and features will also be included in later cumulative...