OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

OpenAI on Friday began rolling out Codex Security , an artificial intelligence AI-powered security agent that's designed to find, validate, and propose fixes for vulnerabilities. The feature is available in a research preview to ChatGPT Pro, Enterprise, Business, and Edu customers via the Codex w...

Tuesday, January 13, 2026 Security Releases

Tuesday, January 13, 2026 Security Releases Security releases available Updates are now available for the 25.x, 24.x, 22.x, and 20.x Node.js release lines to address: 3 high severity issues. 4 medium severity issues. 1 low severity issue. This security release includes the following dependency...

Tuesday, July 15, 2025 Security Releases

Tuesday, July 15, 2025 Security Releases Security releases available Updates are now available for the 24.x, 22.x, 20.x Node.js release lines for the following issues. Windows Device Names CON, PRN, AUX Bypass Path Traversal Protection in path.normalize CVE-2025-27210 - high An incomplete fix has...

WordPress Restrict File Access plugin <= 1.1.2 - Authenticated (Subscriber+) Arbitrary File Read vulnerability

Authenticated Subscriber+ Arbitrary File Read vulnerability discovered by johska in WordPress Plugin Restrict File Access versions = 1.1.2...

WordPress The GDPR Framework By Data443 plugin < 2.2.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin GDPR Framework By Data443 versions 2.2.0...

Wednesday, May 14, 2025 Security Releases

Wednesday, May 14, 2025 Security Releases Security releases available Updates are now available for the 24.x, 23.x, 22.x, 20.x Node.js release lines for the following issues. Improper error handling in async cryptographic operations crashes process CVE-2025-23166 - high The C++ method...

Tuesday, January 21, 2025 Security Releases

Tuesday, January 21, 2025 Security Releases Security releases available Updates are now available for the 23.x, 22.x, 20.x, 18.x Node.js release lines for the following issues. This security release includes the following dependency updates to address public vulnerabilities: undici v7.2.3, v6.21....

MGASA-2023-0283 Updated chromium-browser-stable package fixes bugs and vulnerabilities

The chromium-browser-stable package has been updated to the 117.0.5938.92 release, fixing bugs and 31 vulnerabilities, together with 117.0.5938.92, 117.0.5938.88, 117.0.5938.62, 116.0.5845.187 and 116.0.5845.179. Google is aware that an exploit for CVE-2023-5217 exists in the wild. High...

SUSE-RU-2022:4361-1 Recommended update for pdsh, slurm_22_05

This update for pdsh, slurm2205 fixes the following issues: Slurm was updated to 22.05.5 - Fixes a number of moderate severity issues, noteable are: Load hash plugin at slurmstepd launch time to prevent issues loading the plugin at step completion if the Slurm installation is upgraded. Update nvm...

You Need to Update iOS, Chrome, Windows, and Zoom ASAP

Plus: Google patches 36 Android vulnerabilities, Cisco fixes three high-severity issues, and VMWare closes two “serious” flaws...

MGASA-2022-0188 Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to the 101.0.4951.64 version, fixing many bugs and 13 CVE. Some of them are listed below: 1316990 High CVE-2022-1633: Use after free in Sharesheet. Reported by Khalil Zhani on 2022-04-18 1314908 High CVE-2022-1634: Use after free in Browser UI...

Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software

Cisco has released patches to contain a critical security vulnerability affecting the Wireless LAN Controller WLC that could be abused by an unauthenticated, remote attacker to take control of an affected system. Tracked as CVE-2022-20695, the issue has been rated 10 out of 10 for severity and...

FreeBSD : jenkins -- multiple vulnerabilities (06ab7724-0fd7-427e-a5ce-fe436302b10c)

Jenkins developers report : The agent to master security subsystem ensures that the Jenkins master is protected from maliciously configured agents. A path traversal vulnerability allowed agents to escape whitelisted directories to read and write to files they should not be able to access. Black...

SUSE-SU-2016:2394-1 Security update for openssl

This update for openssl fixes the following issues: OpenSSL Security Advisory 22 Sep 2016 bsc999665 Severity: High OCSP Status Request extension unbounded memory growth CVE-2016-6304 bsc999666 Severity: Low Pointer arithmetic undefined behaviour CVE-2016-2177 bsc982575 Constant time flag not...

SUSE-SU-2016:2387-1 Security update for openssl

This update for openssl fixes the following issues: OpenSSL Security Advisory 22 Sep 2016 bsc999665 Severity: High OCSP Status Request extension unbounded memory growth CVE-2016-6304 bsc999666 Severity: Low Pointer arithmetic undefined behaviour CVE-2016-2177 bsc982575 Constant time flag not...

Facebook Bug Bounty Submissions Dramatically Increase

Facebook today reported a dramatic increase in 2013 submissions to its bug bounty program, and said that despite reports from researchers that it’s becoming difficult to find severe bugs on its various properties, the social network plans to increase rewards for critical bugs. “The volume of...

Multiple vulnerability in NetServe 1.0.7

/ | For Contacts: | nimber | e-mail: [email protected] | [email protected] |Home Page: www.nimber.plux.ru |ICQ: 132614 Advisory Information: ================= Application : NetServe Web Server Date : 17.11.2003 Vendor Homepage : http://www.starlots.com/netx/index.html Versions : 1.0.7 maybe older...