Important: libtiff

Issue Overview: libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c. CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. CVE-2025-61144 Affected Packages: libtiff...

EUVD-2025-6220

Malicious code in bioql PyPI...

Low: ImageMagick

Issue Overview: In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used. CVE-2025-43965 Affected Packages: ImageMagick Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference betwe...

CVE-2022-24140

IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the update from the file a...

ROS-2-395

2.395 Notification on update of the Red OS OPERATION SYSTEM RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a standard...

KB5042320: Windows Recovery Environment update for Windows 10, version 21H2 and 22H2: January 9, 2024

KB5042320: Windows Recovery Environment update for Windows 10, version 21H2 and 22H2: January 9, 2024 IMPORTANT This update will not be offered if your Windows Recovery Environment WinRE meets any of the following conditions: If the WinRE recovery partition does not have sufficient free space, se...

April 9, 2024-Security Only Update for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 (KB5037128)

April 9, 2024-Security Only Update for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 KB5037128 Applies to: Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.6.2 REMINDER Windows Embedded 7 Standard and Windo...

Medium: openssh

Issue Overview: AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applied to both the client and the server in order to address this issue. We recommen...

How to Manually Update Suspicious File List

Intended Audience This article is intended for Windows-based Veeam Backup & Replication deployments where the software cannot access the internet to automatically update the SuspiciousFiles.xml file used by the Veeam Data Analyzer Service. In environments where the Veeam Backup Server can access...

September 12, 2023-Security Only Update for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 (KB5030175)

September 12, 2023-Security Only Update for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 KB5030175 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2...

PT-2023-33668 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4 Description: A potential memory leak issue has been identified. The actual impact and attack plausibility have not yet been proven. This issue is related to the drm/amd/display component. Recommendations: F...

Remote code execution

IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the update from the file a...

CVE-2022-24140

The CVE-2022-24140 entry affects IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot. The issue arises in the update mechanism: products fetch a config file via HTTP, parse the update location from that file, and automatically install updat...

CVE-2022-24140

IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the update from the file a...

Security Bulletin: Node.js lodash vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) ( CVE-2019-10744)

Summary Node.js lodash denial of service vulnerability affects IBM Spectrum Control formerly Tivoli Storage Productivity Center. Vulnerability Details CVEID: CVE-2019-10744 DESCRIPTION: Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be...

Security Bulletin: Vulnerability in Apache Commons FileUpload affects IBM Spectrum Control and Tivoli Storage Productivity Center (CVE-2016-1000031)

Summary A vulnerability in Apache Commons FileUpload affects IBM Spectrum Control formerly Tivoli Storage Productivity Center. Apache Commons FileUpload, as used in IBM Websphere Liberty and other products, could allow a remote attacker to execute arbitrary code on the system, caused by...

ROS-2-1342

2.1342 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

ROS-2-2087

2.2087 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

Hotfix XS82E032 - For Citrix Hypervisor 8.2

Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2. All customers who are affected by the issues described inCTX325319 - Citrix Hypervisor Multiple Security Updatesshould install this hotfix. Information About this Hotfix Component| Details ---|---...

CVE-2020-25785

An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CFtpProtocol::FtpLogin during the update procedure...