MGASA-2025-0249 Updated icu packages fix security vulnerability

A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...

Updated icu packages fix security vulnerability

A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...

Self-Spreading 'GlassWorm' Infects VS Code Extensions in Widespread Supply Chain Attack

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code VS Code extensions on the Open VSX Registry and the Microsoft Extension Marketplace, underscoring how developers have become a prime target for attacks. The sophisticated threat, codenamed...

PT-2025-43461

Name of the Vulnerable Software and Affected Versions affected versions not specified Description A flaw exists where a file path filter designed to restrict access to sensitive directories can be bypassed due to incorrect unicode normalization. This could allow a local user to gain elevated...

Home Depot Halloween phish gives users a fright, not a freebie

We received a timely phishing email pretending to come from Home Depot. It claimed we’d won a Gorilla Carts dump cart that’s a sort of four-wheeled wheelbarrow for anyone unfamiliar—and said it was just one click away. It wasn’t. The whole image in the email was clickable, and it hid plenty of...

JLSEC-2025-171 A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_t...

A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidicaprtltounicode function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and...

Exploit for CVE-2025-1094

🛠️ CVE-2025-1094 Lab Setup ⚠️ Disclaimer This lab i...

Incomplete Filtering of One or More Instances of Special Elements

Overview validator is a library of string validators and sanitizers. Affected versions of this package are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength function that does not take into account Unicode variation selectors \uFE0F, \uFE0E appearing ...

Incomplete Filtering of One or More Instances of Special Elements

Overview org.webjars.npm:validator is an A library of string validators and sanitizers. Affected versions of this package are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength function that does not take into account Unicode variation selectors \uFE0F...

RUSTSEC-2025-0102 `unic-ucd-age` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...

RUSTSEC-2025-0086 `unic-char` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...

RUSTSEC-2025-0076 `unic-ucd-name` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...

RUSTSEC-2025-0100 `unic-ucd-ident` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties - unicode-ident...

`unic-ucd-name_aliases` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...

`unic-ucd-segment` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...

`unic-char-range` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - Since version 1.45.0 Rust supports using char with ops::Range, RangeFrom, RangeFull, RangeInclusive, RangeTo to iterate over a range of codepoints...

RUSTSEC-2025-0084 `unic-emoji` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...

RUSTSEC-2025-0089 `unic-ucd-name_aliases` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...

RUSTSEC-2025-0091 `unic-utils` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...

RUSTSEC-2025-0082 `unic-normal` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icunormalizer - unicode-normalization...