1740 matches found
CVE-2025-55559
An issue was discovered in TensorFlow v2.18.0. A Denial of Service (DoS) occurs when padding is set to 'valid' in tf.keras.layers.Conv2D...
CVE-2025-20312
Cisco IOS XE Software SNMP subsystem vulnerability (CVE-2025-20312) allows authenticated remote attackers to cause DoS by causing a device reload through a crafted SNMP request. Affected: SNMP v1/v2c/v3; exploitation requires a valid read-write or read-only community string (v2c) or valid SNMP us...
Malicious Package
Overview: eslint-config-detector is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
Malicious code in valid-ip-check (npm)
The package valid-ip-check was found to contain malicious code.
MAL-2025-47448 Malicious code in valid-ip-check (npm)
The package valid-ip-check was found to contain malicious code.
Linux Distros Unpatched Vulnerability : CVE-2022-50261
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validat...
SUSE CVE-2022-50261
In the Linux kernel, the following vulnerability has been resolved: drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the...
CVE-2025-54391
A vulnerability in the EnableTwoFactorAuthRequest SOAP endpoint of Zimbra Collaboration (ZCS) allows an attacker with valid user credentials to bypass Two-Factor Authentication (2FA) protection. The attacker can configure an additional 2FA method either a third-party authenticator app or email-based...
CVE-2022-50261
In the Linux kernel, the following vulnerability has been resolved: drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the...
DEBIAN-CVE-2022-50261
In the Linux kernel, the following vulnerability has been resolved: drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the...
CVE-2022-50261
Summary (CVE-2022-50261) : Linux kernel drivers for STI DRM (sti_hda.c, sti_dvo.c, sti_hdmi.c) used an int return type for mode_valid(), but the drm_connector_helper_funcs prototype requires returning an enum drm_mode_status. This mismatch can trigger a CFI (kCFI) failure and runtime problems (ke...
CVE-2022-50261 drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()
In the Linux kernel, the following vulnerability has been resolved: drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a mismatch in the return type of the sti_{dvo,hda,hdmi}_connector_mode_valid function, which could lead to a kernel...
PT-2025-37515
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains an issue within the DRM/STI subsystem where the return type of sti_dvo_connector_mode_valid, sti_hda_connector_mode_valid, and sti_hdmi_connector_mode_valid...
Rapid7 Q2 2025 Incident Response Findings
Rapid7’s Q2 incident response (IR) data illustrates a solidification of trends first observed in Q1. There are no sweeping changes to commonly observed malware, or noticeably different software being deployed by threat actors in Q2. If you were expecting Bunny Loader to lose its impressive...
PT-2025-36994
Name of the Vulnerable Software and Affected Versions: Infrahub versions prior to 1.3.9; Infrahub versions prior to 1.4.5. Description: Infrahub provides a central hub for managing data, templates, and playbooks. A flaw in the authentication logic allows deleted or expired API tokens to be consider...
Brute Force
Overview: ethyca-fides is an open-source ecosystem for data privacy as code. Affected versions of this package are vulnerable to Brute Force via insufficient protections on the authentication process. An attacker can gain unauthorized access to user accounts by performing automated credential...
CVE-2025-50085 affecting package mysql for versions less than 8.0.43-1
CVE-2025-50085 affecting package mysql for versions less than 8.0.43-1. An upgraded version of the package is available that resolves this issue...
Information Disclosure
omeroweb is vulnerable to information disclosure. The vulnerability is due to error messages displayed during the Forgot Password reset process disclosing user information, which allows an attacker to enumerate or gain insights about valid users...