Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Jul 2025 - Includes OpenJDK July 2025 CPU vilnerabilities

Summary Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Jul 2025 - Includes OpenJDK July 2025 CPU vilnerabilities with CVEs CVE-2025-50059, CVE-2025-50106, CVE-2025-30749, CVE-2025-30761, CVE-2025-30754 Vulnerability Details Refer to the security bulletins listed ...

Security Bulletin: urllib3 Redirect Control Vulnerability in Pyodide Runtime (Versions 2.2.0 to <2.5.0), which affects IBM watsonx.data

Summary urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This...

MCPGuard : Automatically Detecting Vulnerabilities in MCP Servers

The Model Context Protocol MCP has emerged as a standardized interface enabling seamless integration between Large Language Models LLMs and external data sources and tools. While MCP significantly reduces development complexity and enhances agent capabilities, its openness and extensibility...

Siemens SIMATIC Devices Improper Locking (CVE-2024-27004)

In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disableunused This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

[SECURITY] Fedora 43 Update: python3.12-3.12.12-1.fc43

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

[SECURITY] Fedora 43 Update: runc-1.3.2-1.fc43

The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative's specifications, and to manage containers running under runc...

[SECURITY] Fedora 43 Update: cri-o1.31-1.31.13-1.fc43

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

[SECURITY] Fedora 43 Update: cri-o1.32-1.32.9-1.fc43

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

[SECURITY] Fedora 43 Update: cri-o1.33-1.33.5-1.fc43

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

[SECURITY] Fedora 43 Update: cri-o1.34-1.34.1-1.fc43

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

EUVD-2025-35894

Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboo...

CVE-2025-34502

Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboo...

CVE-2025-34502

The CVE-2025-34502 entry affects Deck Mate 2 by lacking a verified secure-boot chain and runtime integrity validation for its controller and display modules. This allows a physically proximate attacker to modify or replace the bootloader, kernel, or filesystem, enabling persistent code execution ...

CVE-2025-34502 Shuffle Master Deck Mate 2 Missing Secure Boot

Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code execution on reboo...

CVE-2025-62711

Wasmtime is a runtime for WebAssembly. In versions from 38.0.0 to before 38.0.3, the implementation of component-model related host-to-wasm trampolines in Wasmtime contained a bug where it's possible to carefully craft a component, which when called in a specific way, would crash the host with a...

PT-2025-43688

Name of the Vulnerable Software and Affected Versions Deck Mate 2 affected versions not specified Description The Deck Mate 2 device does not have a verified secure-boot chain or runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an...

Light & Wonder Deck Mate 安全漏洞

Light & Wonder Deck Mate is an automated licensing device from Light & Wonder, UK. A security vulnerability exists in Light & Wonder Deck Mate that stems from a lack of secure boot chain validation and runtime integrity validation, which could allow a physically accessible attacker to modify or...

Security Bulletin: IBM DataPower Gateway affected by vulnerabilities in Java runtime

Summary Java Runtime is bundled with IBM DataPower Gateway, and used by some bundled components. CVE-2025-50059, CVE-2025-30754 Vulnerability Details CVEID:CVE-2025-50059 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle...

Security Bulletin: multiple vulerability in IBM Spectrum Symphony with Node.js

Summary multiple vulerability in IBM Spectrum Symphony with Node.js Vulnerability Details CVEID:CVE-2024-27982 DESCRIPTION: The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling...

Security Bulletin: multiple vulerability in IBM Spectrum Symphony with IBM JRE

Summary multiple vulerability in IBM Spectrum Symphony with IBM JRE Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality, high integrity impacts. CWE:CWE-200: Exposur...