364 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: using the old ‘nbands’ value while purging unused classes Shuang reported that the schets test case crashes in etsclassqlennotify after recent changes made by Lion 2. The issue arises when performing etsqdiscchang...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netsched: drr: A double addition was corrected in the class, where netem is a child qdisc. As described in Gerrard’s report 1, there are use cases where a netem child qdisc can make the parent qdisc’s enqueue callback reentrant. ...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netsched: Prevent the creation of classes with TCHROOT. The function qdisctreereducebacklog uses TCHROOT as a termination condition when traversing the qdisc tree to update parent backlog counters. However, if a class is created...
MiracleLinux 7 : rh-ruby25-ruby-2.5.9-9.el7 (AXSA:2021-1762:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1762:01 advisory. ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? CVE-2019-15845 ruby: Regular expression denial of service vulnerability of...
MiracleLinux 8 : ruby:2.5 (AXSA:2021-2345:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2345:01 advisory. ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? CVE-2019-15845 ruby: Regular expression denial of service vulnerability of...
MiracleLinux 7 : rh-ruby27-ruby-2.7.3-129.el7 (AXSA:2021-1769:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1769:01 advisory. ruby: Potential HTTP request smuggling in WEBrick CVE-2020-25613 ruby: XML round-trip vulnerability in REXML CVE-2021-28965 Tenable has extracted th...
MiracleLinux 8 : ruby:2.7 (AXSA:2021-2391:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2391:01 advisory. ruby: Potential HTTP request smuggling in WEBrick CVE-2020-25613 ruby: XML round-trip vulnerability in REXML CVE-2021-28965 Tenable has extracted th...
net/sched: ets: Remove drr class from the active list if it changes to strict
...
ZkRansomware: Proof-Of-Data Recoverability and Multi-Round Game Theoretic Modeling of Ransomware Decisions
Ransomware is still one of the most serious cybersecurity threats. Victims often pay but fail to regain access to their data, while also facing the danger of losing data privacy. These uncertainties heavily shape the attacker-victim dynamics in decision-making. In this paper, we introduce and...
CVE-2020-12118
The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other parties...
CVE-2025-23784
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David Jeffrey Contact Form 7 Round Robin Lead Distribution contact-form-7-round-robin-lead-distribution allows SQL Injection.This issue affects Contact Form 7 Round Robin Lead Distribution: from n/...
PT-2026-27744
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-virtme 45 Description The Linux kernel contained a flaw in the ETS scheduler offload path where averaging over the sums of quanta could lead to an integer overflow and subsequent division by zero. This cou...
PT-2026-26749
An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gst wavparse adtl chunk function. The patch added a size validation check lsize + 8 size, but it does not account for the GST ROUND UP 2lsize used in the actual offset calculation. When lsize is an odd number, the parser advance...
PT-2026-8185
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to shared memory shmem handling during file truncation. Specifically, an infinite loop can occur when truncating a large swap entry due to a rac...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992823)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992823 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: adc128d818 Fix underflows seen when writing limit attributes DIVROUNDCLOSEST after kstrtol...
The Imitation Game: Using Large Language Models As Chatbots to Combat Chat-Based Cybercrimes
Chat-based cybercrime has emerged as a pervasive threat, with attackers leveraging real-time messaging platforms to conduct scams that rely on trust-building, deception, and psychological manipulation. Traditional defense mechanisms, which operate on static rules or shallow content filters,...
EUVD-2025-203772
In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: leaf: Fix potential infinite loop in command parsers The kvaserusbleafwaitcmd and kvaserusbleafreadbulkcallback functions contain logic to zero-length commands. These commands are used to align data to the USB...
CVE-2025-68308
In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: leaf: Fix potential infinite loop in command parsers The kvaserusbleafwaitcmd and kvaserusbleafreadbulkcallback functions contain logic to zero-length commands. These commands are used to align data to the USB...
PT-2025-51712
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the kvaser usb leaf wait cmd and kvaser usb leaf read bulk callback functions related to handling zero-length commands used for aligning data to U...
CVE-2025-66017
CVE-2025-66017 affects the CGGMP family (CGGMP21 and CGGMP24). The vulnerability arises from improper use of presignatures in specific configurations, allowing signature forgery or reduced security. Affected details indicate that in CGGMP21 <= 0.6.3 and CGGMP24