CVE-2025-38293 wifi: ath11k: fix node corruption in ar->arvifs list

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix node corruption in ar-arvifs list In current WLAN recovery code flow, ath11kcorehalt only reinitializes the "arvifs" list head. This will cause the list node immediately following the list head to become an...

Navigating the Growing Field of Research on AI for Software Testing

In industry, software testing is the primary method to verify and validate the functionality, performance, security, usability, and so on, of software-based systems. Test automation has gained increasing attention in industry over the last decade, following decades of intense research into test...

MAL-2025-3421 Malicious code in testing433 (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2024-58096 wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: add srng-lock for ath11khalsrng in monitor mode ath11khalsrng should be used with srng-lock to protect srng data. For ath11kdprxmondestprocess and ath11kdpfullmonprocessrx, they use ath11khalsrng for many times but...

[SECURITY] Fedora 40 Update: python3.9-3.9.21-4.fc40

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

Moderate: Red Hat Bug Fix Advisory: Updated rhel9/toolbox container image

An updated rhel9/toolbox container image is now available in the Red Hat container registry. The rhel9/toolbox container image can be used with Toolbox to obtain RHEL based containerized command line environments to aid with development and software testing. Toolbox is built on top of Podman and...

Radamsa - A General-Purpose Fuzzer

Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestringly different outputs from them. The main...

Spring Tips: Spring Boot Testjars

Hi, Spring fans! In this installment we look at the brand new Spring Boot Testjars project, which greatly simplifies standing up and reusing satellite Java-based services like other Spring Boot-based microservices or infrastructure like the Spring Authorization Server. springboot java java21...

toolbox security update

An update is available for toolbox. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The toolbox container image can be used with Toolbox to obtain Rocky Linux...

RLSA-2023:6077 Moderate: toolbox security update

The toolbox container image can be used with Toolbox to obtain Rocky Linux based containerized command line environments to aid with development and software testing. Toolbox is built on top of Podman and other standard container technologies from OCI. This updates the toolbox image in the Rocky...

Non-Privilege user can view Patient's Amendments

Description We would like to report the vulnerability we found during software testing. The OpenEMR 7.0.0 latest version Open-Source electronic health records and medical practice management application has Insecure direct object reference IDOR to function “Patient’s Amendments”, and it never bee...

Improve Your Hacking Skills with 9 Python Courses for Just $39

For anyone with interest in cybersecurity, learning Python is a must. The language is used extensively in white hat hacking, and professionals use Python scripts to automate tests. It also has a use in the "soft" side of cybersecurity — like scraping the web for compromised data and detecting bug...

Unspecified Vulnerability in HCL OneTest

HCL OneTest is a software testing tool from HCL India that provides multiple testing options. The software supports API testing, functional testing, UI testing, performance testing and service virtualization to support software automation testing. A security vulnerability exists in HCL OneTest...

HCL OneTest License Issue Vulnerability

HCL OneTest is a software testing tool from HCL India that provides multiple testing options. The software supports API testing, functional testing, UI testing, performance testing and service virtualization to support software automation testing. An authorization issue vulnerability exists in HC...

HCL OneTest Information Disclosure Vulnerability

HCL OneTest is a software testing tool from HCL India that provides multiple testing options. The software supports API testing, functional testing, UI testing, performance testing and service virtualization to support software automation testing. A security vulnerability exists in HCL OneTest...

SQL Injection Vulnerability in Testlink

TestLink is a set of open source software for managing the software testing process and providing statistical analysis. A SQL injection vulnerability exists in Testlink. An attacker can exploit this vulnerability to execute illegal SQL commands...

Fuzzing: Common Tools and Techniques

Fuzzing is a software testing methodology that can be used from either a black or white box perspective and predominantly consists of providing deliberately malformed inputs to an application to identify errors such as unhandled exceptions, memory spikes, thread hangs, read access violations or...

Deploying VirtualBox virtual machines with Vagrant

I often use virtual machines for various tasks: from building software packages to testing software products or PoCs for vulnerabilities. Creating a virtual machine in Oracle VirtualBox is a time-consuming and annoying process: set parameters of VM, attach iso, make dozens of clicks in OS...

Dup Scout Enterprise 10.5.12 Share Username Buffer Overflow

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: Dup Scout Enterprise 10.5.12 - Local Buffer Overflow Date: 02-22-2018 Vulnerable Software: Dup Scout Enterprise v10.5.12 Vendor Homepage: http://www.dupscout.com Version: 10.5.12 Software Link:...

CERT Basic Fuzzing Framework: BFF

CERT Basic Fuzzing Framework The CERT Basic Fuzzing Framework BFF is a software testing tool that finds defects in applications that run on the Linux and Mac OS X platforms. BFF performs mutational fuzzing on software that consumes file input. Mutational fuzzing is the act of taking well-formed...