Containers on fire: from container escapes to supply chain attacks

Introduction Modern infrastructures universally rely on containerization to deploy applications, scale services, and build cloud platforms. The use of Docker, Kubernetes, and similar technologies has become the corporate standard for efficient automation. However, as containers grow in popularity...

How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)

Introduction ExifTool is a widely adopted utility for reading and writing metadata in image, PDF, audio, and video files. It is available both as a standalone command-line application and as a library that can be embedded in other software. In this article, we break down CVE-2026-3102, an ExifToo...

Astra Linux - уязвимость в firefox, thunderbird

Offscreen Canvas did not properly prevent cross-origin tampering, which could allow access to image data from another site in violation of the same-origin policy. This vulnerability affects Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12...

Astra Linux - уязвимость в firefox, thunderbird

Offscreen Canvas did not properly prevent cross-origin tampering, which could have been used to access image data from another site in violation of the same-origin policy. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

SUSE SLES15 / openSUSE 15 Security Update : dpdk22 (SUSE-SU-2025:4534-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4534-1 advisory. Update to version 22.11.10. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a...

SUSE-SU-2026:20055-1 Security update for dpdk

This update for dpdk fixes the following issues: Update to version 22.11.10. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other updates and...

Security update for dpdk22

This update for dpdk22 fixes the following issues: Update to version 22.11.10. Security issues fixed: CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other updates and...

CLSA-2025-1766568231 webkit2gtk3: Fix of CVE-2025-43392

CVE-2025-43392: fix cross-origin image data leak by correctly tainting OffscreenCanvas when transferring a cross-origin ImageBitmap...

TencentOS Server 2: firefox (TSSA-2024:0242)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0242 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

EUVD-2018-8239

Malware in sbrugna...

EUVD-2015-3335

Malware in sbrugna...

EUVD-2015-7465

Malware in sbrugna...

EUVD-2023-53936

Malicious code in bioql PyPI...

PT-2025-18435

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A vulnerability in the Linux kernel has been resolved, related to the HuC delayed loading fence. The issue occurs when the fence is not released on early probe errors, potentially...

Mozilla: Cross-Origin Image leak via Offscreen Canvas

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy...

Mozilla: Cross-Origin Image leak via Offscreen Canvas

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy...

Mozilla: Cross-Origin Image leak via Offscreen Canvas

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy...

Mozilla: Cross-Origin Image leak via Offscreen Canvas

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy...

Mozilla: Cross-Origin Image leak via Offscreen Canvas

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy...

Mozilla: Cross-Origin Image leak via Offscreen Canvas

The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy...