Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989921)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989921 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: core: Run atomic i2c xfer when !preemptible Since bae1d3a05a8b, i2c transfers are non-atomic...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989969)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989969 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: core: Run atomic i2c xfer when !preemptible Since bae1d3a05a8b, i2c transfers are non-atomic...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989110)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989110 advisory. In the Linux kernel, the following vulnerability has been resolved: comedi: dt9812: fix DMA buffers on stack USB transfer buffers are typically mapped for DMA and mu...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990080)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990080 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing...

Designing Proportionate Cybersecurity Frameworks for European Micro-Enterprises: Lessons from the Squad 2025 Case

Micro and small enterprises SMEs account for most European businesses yet remain highly vulnerable to cyber threats. This paper analyses the design logic of a recent European policy initiative -- the Squad 2025 Playbook on Cybersecurity Awareness for Micro-SMEs -- to extract general principles fo...

New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea

The North Korea-linked threat actor known as Kimsuky has distributed a previously undocumented backdoor codenamed HttpTroy as part of a likely spear-phishing attack targeting a single victim in South Korea. Gen Digital, which disclosed details of the activity, did not reveal any details on when t...

Vulnerability fixed in Progress MOVEit Transfer

Progress has fixed a vulnerability in MOVEit Transfer Specifically for versions 2025.0.0 to 2025.0.3, 2024.1.0 to 2024.1.7, and 2023.1.0 to 2023.1.16. The vulnerability involves uncontrolled resource consumption that can lead to resource depletion, which can affect the performance and availabilit...

Machine and Deep Learning for Indoor UWB Jammer Localization

Ultra-wideband UWB localization delivers centimeter-scale accuracy but is vulnerable to jamming attacks, creating security risks for asset tracking and intrusion detection in smart buildings. Although machine learning ML and deep learning DL methods have improved tag localization, localizing...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against devlec changes. It appears that there were calls to devput without prior calls to devhold, leading to imbalance and UAF Use-After-Fault errors...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the TREs between itself...

WordPress plugin Import WP – Export and Import CSV and XML files to WordPress 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension that can ...

USN-7835-4 linux-hwe-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

CVE-2025-36249

IBM Jazz for Service Management versions 1.1.3.0–1.1.3.25 do not set the Secure attribute on authorization tokens or session cookies, enabling potential cookie theft via http links or injected sites. Remediation per IBM/Red Hat entries: upgrade to JazzSM 1.1.3.26 (1.1.3-TIV-JazzSM-multi-FP026). A...

CVE-2025-10932

Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer AS2 module.This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16...

CVE-2025-61234

Incorrect access control on Dataphone A920 v2025.07.161103 exposes a service on port 8888 by default on the local network without authentication. This allows an attacker to interact with the device via a TCP socket without credentials. Additionally, sending an HTTP request to the service on port...

EUVD-2025-36641

Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer AS2 module.This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16...

CVE-2025-10932

Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer AS2 module.This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16...

CVE-2025-10932 AS2 module allows uncontrolled file uploads

Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer AS2 module.This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16...

CVE-2025-10932

CVE-2025-10932 is an Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module). The issue affects MOVEit Transfer versions 2025.0.0–before 2025.0.3, 2024.1.0–before 2024.1.7, and 2023.1.0–before 2023.1.16. The root cause is an input/AS2 request handling flaw that ca...

CVE-2025-10932 AS2 module allows uncontrolled file uploads

Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer AS2 module.This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16...