21 matches found
PT-2026-1688
Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: Attackers are leveraging artificial intelligence to customize malicious payloads in phishing campaigns, enabling them to circumvent security defenses. This issue is related to email security protocol...
CVE-2025-32433 Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...
Medium: openjpeg2
Issue Overview: openjpeg: heap buffer overflow in bin/common/color.c CVE-2024-56826 Affected Packages: openjpeg2 Issue Correction: Run dnf update openjpeg2 --releasever 2023.6.20250203 to update your system. New Packages: aarch64: openjpeg2-debuginfo-2.4.0-11.amzn2023.0.5.aarch64 ...
HCL BigFix Patch Management Path Traversal Vulnerability
HCL BigFix Patch Management is a comprehensive patch management solution from HCL Corporation that helps organizations efficiently manage and deploy security and non-security patches for operating systems and applications. A security vulnerability exists in HCL BigFix Patch Management that stems...
Recommended Operating System Patches for Provisioned Windows Targets
This article lists recommended operating system patches from Microsoft which have been known to resolve issues within provisioned XenApp and other target environments. Note: The recommended hotfixes within the article might have been superseded with another Microsoft hotfix. Refer to the Microsof...
Microsoft Security Update Validation Report December 2023
Microsoft’s December 2023 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwa...
Microsoft Security Update Validation Report February 2022
Microsoft’s February 2022 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwa...
Microsoft Security Update Validation Report January 2021
Microsoft’s January 2021 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwar...
GNU GRUB2 Vulnerability
Free Software Foundation GNU Project's multiboot boot loader, GNU GRUB2, contains a vulnerability—CVE-2020-10713—that a local attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0022)
The remote OracleVM system is missing necessary patches to address critical security updates : - scsi: libfc: sanitize EDTOV and RATOV setting Hannes Reinecke Orabug: 25933179 - scsi: libfc: use configured rport EDTOV Hannes Reinecke Orabug: 25933179 - scsi: libfc: additional debugging messages...
WPA2 Protocol Vulnerabilities - US
Lenovo Security Advisory: LEN-17420 Potential Impact: An attacker could manipulate the vulnerability to affect clients through arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames Severity: High Scope of...
Security Bulletin: IBM Security Access Manager appliances are affected by vulnerabilities in OpenSSH (CVE-2015-5352, CVE-2015-6563, CVE-2015-6564)
Summary Vulnerabilities have been identified in OpenSSH. IBM Security Access Manager appliances use OpenSSH and are affected by these vulnerabilities. Vulnerability Details CVEID: CVE-2015-5352 DESCRIPTION: OpenSSH could allow a remote authenticated attacker to bypass security restrictions, cause...
Sony Playstation 4 (PS4) 5.07 - 'Jailbreak' WebKit / 'bpf v2' Kernel Loader
PS4 5.05 Kernel Exploit --- Summary In this project you will find a full implementation of the second "bpf" kernel exploit for the PlayStation 4 on 5.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This exploit also contai...
Opera mitigates critical CPU vulnerabilities
January 4th, 2018. There is a lot of uncertainty right now about the impact of the hardware security issue named Meltdown. There will be a scheduled release of Opera which will contain a first set of workarounds as soon as the browser is...
OracleVM 3.1 : xen (OVMSA-2012-0039)
The remote OracleVM system is missing necessary patches to address critical security updates : - console: bounds check whenever changing the cursor due to an escape code The device model used by fully virtualised HVM domains, qemu, does not properly handle escape VT100 sequences when emulating...
OracleVM 3.3 : glibc (OVMSA-2014-0017)
The remote OracleVM system is missing necessary patches to address critical security updates : - Remove gconv transliteration loadable modules support CVE-2014-5119, - nlfindlocale: Improve handling of crafted locale names CVE-2014-0475, - Don't use alloca in addgetnetgrentX 1087789. - Adjust...
FreeBSD Ports: powerdns, powerdns-devel
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
The Infections That Will Not Die: Conficker and AutoRun
One of the wonderful things about some pieces of malware is that, like that slightly dodgy uncle who never seems to have a job, they never really go away. They just sort of hang about in the background, waiting for the right time to hit you up for some spare cash or CPU cycles. It appears that th...
FreeBSD Ports: joomla15
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
realpath(3) function contains off-by-one buffer overflow
Overview: A function originally derived from 4.4BSD, realpath(3), contains a vulnerability that may permit a malicious user to gain root access to the server. This function was derived from the FreeBSD 3.x tree. Other applications and operating systems that use or were derived from this code base ma...