
OSV
added 2025/07/07 12:30 p.m. | 5 views

GHSA-489J-G2VX-39WF Transformers vulnerable to ReDoS attack through its SETTING_RE variable

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the huggingface/transformers repository, specifically in version 4.49.0. The vulnerability is due to inefficient regular expression complexity in the SETTING_RE variable within the transformers/commands/chat.py file. The...

CVSS 5.3 | AI score 4.8 | EPSS 0.00318
Exploits: 1 | References: 5
Tenable Nessus
added 2025/07/07 12:00 a.m. | 2 views

TencentOS Server 3: glibc (TSSA-2025:0498)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0498 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 7.8 | AI score 7 | EPSS 0.00043
Exploits: 1 | References: 2
BDU FSTEC
added 2025/07/07 12:00 a.m. | 2 views

The vulnerability of the gpiolib-cdev.c component in the Linux operating system’s kernel allows a hacker to cause service interruptions as well as trigger system failures.

The vulnerability of the gpiolib-cdev.c component in the Linux operating system is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to cause service failures...

CVSS 6.1 | EPSS 0.00022
Exploits: 0 | References: 12 | Affected Software: 5
GithubExploit
added 2025/07/06 2:50 p.m. | 85 views

Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller

CitrixBleed-2-CVE-2025-5777 checker checker.py httphttps...

CVSS 9.3 | AI score 8.2 | EPSS 0.64972
Exploits: 18
RedhatCVE
added 2025/07/06 2:14 p.m. | 2 views

CVE-2025-38229

In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when the write fails. syzbot reported an uninit-value in cxusb_i2c_xfer. [1] Only when the write operation of usb_bulk_msg in dvb_usb_generic_rw succeeds and rlen is greater than 0, the read operation of...

CVSS 7 | AI score 6.2 | EPSS 0.00092
Exploits: 0 | References: 4
Snyk
added 2025/07/06 1:40 p.m. | 2 views

Use of Hard-coded Password

Overview Affected versions of this package are vulnerable to Use of Hard-coded Password via the mySecret argument in the JWT Token Handler process. An attacker can gain unauthorized access to sensitive information by exploiting the presence of a hard-coded secret value in authentication mechanism...

CVSS 8.1 | AI score 6.9 | EPSS 0.00338
Exploits: 1 | References: 2
SUSE Linux
added 2025/07/04 4:02 p.m. | 2 views

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management (bsc#1245311). CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions (bsc#1245309). CVE-2025-4878: Fixed use of uninitialized variable in...

CVSS 7.6 | AI score 6.8 | EPSS 0.00246
Exploits: 0 | References: 16
OSV
added 2025/07/04 4:02 p.m. | 0 views

SUSE-SU-2025:02229-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management (bsc#1245311). - CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions (bsc#1245309). - CVE-2025-4878: Fixed use of uninitialized variable in...

CVSS 8.8 | AI score 7.3 | EPSS 0.00246
Exploits: 0 | References: 9
OSV
added 2025/07/04 2:15 p.m. | 1 view

AZL-64713 CVE-2025-38200 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw. When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer underflow by changing the...

CVSS 5.5 | AI score 6.8 | EPSS 0.00066
Exploits: 0 | References: 1
OSV
added 2025/07/04 1:37 p.m. | 2 views

CVE-2025-38229 media: cxusb: no longer judge rbuf when the write fails

In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when the write fails. syzbot reported an uninit-value in cxusb_i2c_xfer. [1] Only when the write operation of usb_bulk_msg in dvb_usb_generic_rw succeeds and rlen is greater than 0, the read operation of...

CVSS 5.5 | AI score 6.3 | EPSS 0.00092
Exploits: 0 | References: 13
OSV
added 2025/07/04 1:15 p.m. | 3 views

AZL-65136 CVE-2025-49809 affecting package mtr 0.95-1

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries...

CVSS 7.8 | AI score 6 | EPSS 0.00054
Exploits: 0 | References: 1
GithubExploit
added 2025/07/04 1:47 a.m. | 326 views

Exploit for Server-Side Request Forgery in Apache Kafka

Disclaimer: The vulnerabilities described in this article and...

CVSS 7.5 | AI score 7.2 | EPSS 0.21423
Exploits: 2
Packet Storm News
added 2025/07/04 12:00 a.m. | 2 views

A Note on Single-Cut Full-Open Protocols

Card-based cryptography is a research area that realizes cryptographic protocols such as secure computation by applying shuffles to sequences of cards that encode input values. A single-cut full-open protocol is one that obtains an output value by applying a random cut to an input sequence of...

AI score 6.9
Exploits: 0
Positive Technologies
added 2025/07/04 12:00 a.m. | 3 views

PT-2025-28004

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the media component, specifically the cxusb module. The issue occurred when the write operation of usb bulk msg in dvb...

CVSS 7.7 | AI score 6.7 | EPSS 0.00092
Exploits: 0
CVE
added 2025/07/04 12:00 a.m. | 35 views

CVE-2025-49809

CVE-2025-49809 affects mtr up to version 0.95. In certain privileged contexts, execution of a program specified by the MTR_PACKET environment variable is mishandled, enabling potential local impact. Public details consistently mention macOS sudo-related considerations due to Homebrew not installi...

CVSS 7.8 | AI score 6.3 | EPSS 0.00054
Exploits: 0 | References: 3
AlpineLinux
added 2025/07/04 12:00 a.m. | 2 views

CVE-2025-49809

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries...

CVSS 7.8 | AI score 7.2 | EPSS 0.00054
Exploits: 0
BDU FSTEC
added 2025/07/04 12:00 a.m. | 2 views

The vulnerability of the xe_pat.c component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the xe_pat.c component in the Linux operating system’s kernel is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 4.4 | EPSS 0.00031
Exploits: 0 | References: 8 | Affected Software: 3
RedHat Linux
added 2025/06/30 1:16 p.m. | 2 views

kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider

A flaw was found in Apache Kafka Clients. Apache Kafka Clients accepts configuration data for customizing behavior and includes ConfigProvider plugins to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider...

CVSS 6.5 | AI score 7.4 | EPSS 0.00156
Exploits: 0 | References: 5
RedhatCVE
added 2025/06/27 8:20 a.m. | 4 views

CVE-2024-51982

An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non...

CVSS 7.5 | AI score 7.3 | EPSS 0.01234
Exploits: 0 | References: 1
BDU FSTEC
added 2025/06/27 12:00 a.m. | 1 view

The vulnerability of the privatekey_from_file() function in the libssh library allows a hacker to disclose sensitive information or cause service failures.

The vulnerability of the privatekey_from_file() function in the libssh library is related to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to disclose sensitive information or cause service failures...

CVSS 3.6 | EPSS 0.002
Exploits: 0 | References: 16 | Affected Software: 15