PT-2026-40951

HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed. Exposure of such information could reveal internal system architecture or configuration details, which may potentially assist in further analysis or targeted actions under certain conditions...

HCL AION 安全漏洞

HCL AION is an AI lifecycle management platform developed by the Indian company HCL. HCL AION has a security vulnerability, which stems from the possibility of exposing sensitive details related to backend infrastructure. This could lead to the disclosure of internal system architecture or...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: s390/cio: verify the driver availability for pathevent call If no driver is attached to a device or the driver does not provide the pathevent function, an FCES path-event on this device could end up in a kernel-panic. Verify the...

A Survey of Security Challenges and Solutions for Advanced Air Mobility and EVTOL Aircraft

This survey reviews the existing and envisioned security vulnerabilities and defense mechanisms relevant to Advanced Air Mobility AAM systems, with a focus on electric vertical takeoff and landing eVTOL aircraft. Drawing from vulnerabilities in the avionics in commercial aviation and the automate...

Automated Penetration Testing with LLM Agents and Classical Planning

While penetration testing plays a vital role in cybersecurity, achieving fully automated, hands-off-the-keyboard execution remains a significant research challenge. In this paper, we introduce the "Planner-Executor-Perceptor PEP" design paradigm and use it to systematically review existing work a...

DEBIAN-CVE-2022-50625

In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" 1 documentation describes a generic UART interface. Such generic UART does not support DMA. In current...

EUVD-2025-9725

Malicious code in bioql PyPI...

CVE-2025-0279

HCL Traveler generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this information to gain insights into the system's architecture and...

CVE-2025-0279

HCL Traveler generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this information to gain insights into the system's architecture and...

CVE-2025-0279 HCL Traveler is affected by generation of error messages containing sensitive information

HCL Traveler generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this information to gain insights into the system's architecture and...

CVE-2025-0279

CVE-2025-0279 affects HCL Traveler. Public sources describe a vulnerability where error messages reveal detailed internal information (paths, file names, tokens, credentials, error codes, stack traces), which could aid an attacker in understanding system architecture and planning targeted attacks...

CVE-2025-0279 HCL Traveler is affected by generation of error messages containing sensitive information

HCL Traveler generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this information to gain insights into the system's architecture and...

HCL Traveler 安全漏洞

HCL Traveler is a software from HCL India. It is used to provide automatic, bi-directional, wireless synchronization between HCL Domino servers and wireless handheld devices. A security vulnerability exists in HCL Traveler that stems from the provision of detailed error information in error...

USN-7403-1: Linux kernel (HWE) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 Attila Szász discovered that the HFS+ file system...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7295-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7295-1 advisory. Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a...

Moderate: Red Hat Security Advisory: python-idna security update

An update for python-idna is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

CVE-2022-48892

In the Linux kernel, the following vulnerability has been resolved: sched/core: Fix use-after-free bug in dupusercpusptr Since commit 07ec77a1d4e8 "sched: Allow task CPU affinity to be restricted on asymmetric systems", the setting and clearing of usercpusptr are done under pilock for arm64...

Moderate: python-idna security update

The hsakmt packages include a thunk library for AMD's Heterogeneous System Architecture HSA Linux kernel driver amdkfd. Security Fixes: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 For more details about the security issues, includi...

RHEL 9 : python-idna (RHSA-2024:3846)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3846 advisory. The hsakmt packages include a thunk library for AMD's Heterogeneous System Architecture HSA Linux kernel driver amdkfd. Security Fixes: python-idna:...

STRRAT a Java-Powered Versatile Remote Access Trojan

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary STRRAT, a Java-based RAT, excels in utilizing a wide array of capabilities. Its latest version, STRRAT 1.6, is notable for employing diverse infection paths and conducting startup host queries to...