Malicious code in kinvey-phonegap-angular-sdk (npm)

The package kinvey-phonegap-angular-sdk was found to contain malicious code...

MAL-2025-33095 Malicious code in shield-sdk (npm)

The package shield-sdk was found to contain malicious code...

CVE-2025-32004

CVE-2025-32004 concerns the Intel Edger8r Tool in the Intel SGX SDK. The issue is caused by improper input validation in the Edger8r Tool, which may permit an authenticated user to escalate privileges via local access. Documented impact indicates privilege escalation with local access, applicable...

CVE-2025-32004

Improper input validation in the Intel Edger8r Tool for some IntelR SGX SDK may allow an authenticated user to potentially enable escalation of privilege via local access...

Linux Distros Unpatched Vulnerability : CVE-2025-37935

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix SER panic with 4GB+ RAM If the mtkpollrx function detects the...

Security Bulletin: WebSphere Service Registry and Repository (WSSR) is affected by IBM SDK, Java Technology Edition Quarterly CPU - July 2025 - Includes Oracle July 2025 CPU plus CVE-2025-30754

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository, and it uses the IBM® Java SDK. Information about the IBM® Java SDK July 2025 CPU is available in a Security Bulletin. Vulnerability Details Refer to the security bulletins listed in the...

Airoha Bluetooth audio SDK 安全漏洞

Airoha Bluetooth audio SDK is a software development kit from Airoha. Airoha Bluetooth audio SDK suffers from a security vulnerability that originates from unauthorized access to the RACE protocol and could result in remote elevation of privilege...

CVE-2025-53541

Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1751892857 and Tuleap Enterprise Edition prior to 16.8-5 and 16.9-3, malicious users with some control over certain artifacts could inser...

CVE-2025-53541

Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1751892857 and Tuleap Enterprise Edition prior to 16.8-5 and 16.9-3, malicious users with some control over certain artifacts could inser...

CVE-2025-52899

Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1750843170 and Tuleap Enterprise Edition prior to 16.8-4 and 16.9-2, the forgot password form allows for user enumeration. This is fixed ...

CVE-2025-53902

Tuleap exposes confidential artifact information to unauthorized users via email notifications. CVE-2025-53902 affects Tuleap Community Edition <16.9.99.1752585665 and Tuleap Enterprise Edition <16.8-6 and

CVE-2025-53902 Tuleap exposes artifacts to a mentioned user via email notifications

Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1752585665 and Tuleap Enterprise Edition prior to 16.8-6 and 16.9-5, users may potentially access confidential information from artifacts...

CVE-2025-53541

CVE-2025-53541 affects Tuleap Community Edition (before 16.9.99.1751892857) and Tuleap Enterprise Edition (before 16.8-5 and 16.9-3). Malicious users could insert malicious code when displaying the children of a parent artifact, causing XSS. The fixed versions are Tuleap Community Edition 16.9.99...

CVE-2025-52899 Tuleap vulnerable to user enumeration via the lost password form

Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1750843170 and Tuleap Enterprise Edition prior to 16.8-4 and 16.9-2, the forgot password form allows for user enumeration. This is fixed ...

CVE-2025-52899 Tuleap vulnerable to user enumeration via the lost password form

Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition prior to version 16.9.99.1750843170 and Tuleap Enterprise Edition prior to 16.8-4 and 16.9-2, the forgot password form allows for user enumeration. This is fixed ...

RLSA-2025:11802 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: sqlite: Integer Truncation in SQLite CVE-2025-6965 For more details about the security issues, including the impact, a CVSS score, acknowledgments...

nodejs:20 security update

An update is available for module.nodejs-nodemon, module.nodejs-packaging, nodejs, nodejs-nodemon, module.nodejs, nodejs-packaging. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RLSA-2025:8514 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

RLSA-2025:11803 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: sqlite: Integer Truncation in SQLite CVE-2025-6965 For more details about the security issues, including the impact, a CVSS score, acknowledgments...

nodejs:22 security update

An update is available for module.nodejs-nodemon, nodejs, nodejs-nodemon, nodejs-packaging, module.nodejs, module.nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...