458 matches found
OPENSUSE-SU-2026:20022-1 Security update for matio
This update for matio fixes the following issues: - update to version 1.5.29: Fix printing rank-1-variable in MatVarPrint Fix array index out of bounds in MatVarPrint when printing UTF-8 character data boo1239678, CVE-2025-2337 Fix heap-based buffer overflow in strdupvprintf boo1239677,...
Supporting Secured Integration of Microarchitectural Defenses
There has been a plethora of microarchitectural-level attacks leading to many proposed countermeasures. This has created an unexpected and unaddressed security issue where naive integration of those defenses can potentially lead to security vulnerabilities. This occurs when one defense changes an...
Disney Fined $10M for Violating Children’s Privacy Laws on YouTube
Disney agrees to a $10M settlement with the DOJ and FTC over YouTube privacy violations. Learn how the COPPA ruling affects kids' data and Disney's new rules...
MCP-SandboxScan: WASM-Based Secure Execution and Runtime Analysis for MCP Tools
Tool-augmented LLM agents raise new security risks: tool executions can introduce runtime-only behaviors, including prompt injection and unintended exposure of external inputs e.g., environment secrets or local files. While existing scanners often focus on static artifacts, analyzing runtime...
Breaking the Illusion: Automated Reasoning of GDPR Consent Violations
Recent privacy regulations such as the General Data Protection Regulation GDPR and the California Consumer Privacy Act CCPA have established legal requirements for obtaining user consent regarding the collection, use, and sharing of personal data. These regulations emphasize that consent must be...
BIT-MONGODB-2025-12657 Malformed KMIP response may result in access violation
The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this object can result in read access violations...
Siemens COMOS
SUMMARY COMOS is affected by multiple vulnerabilities that could allow an attacker to execute arbitrary code or cause denial of service condition, data infiltration or perform access control violations. Siemens has released new versions for several affected products and recommends to update to...
BGPFuzz: Automated Configuration Fuzzing of the Border Gateway Protocol
Telecommunications networks rely on configurations to define routing behavior, especially in the Border Gateway Protocol BGP, where misconfigurations can lead to severe outages and security breaches, as demonstrated by the 2021 Facebook outage. Unlike existing approaches that rely on synthesis or...
CVE-2025-12657
The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this object can result in read access violations...
Falco 0.42.1
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco...
Linux Distros Unpatched Vulnerability : CVE-2025-12657
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this...
UBUNTU-CVE-2025-12657
The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this object can result in read access violations...
PT-2025-44795
Name of the Vulnerable Software and Affected Versions MongoDB affected versions not specified Description The KMIP response parser within MongoDB binaries is susceptible to parsing malformed packets with excessive tolerance, potentially creating invalid objects. Subsequent reads of these objects...
MongoDB -- Improper Check for Unusual or Exceptional Conditions
https://jira.mongodb.org/browse/SERVER-101230 reports: The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this object can result in read access violations...
CVE-2025-58148
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...
kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...
EUVD-2012-4373
Malware in sbrugna...
EUVD-2011-0975
Malware in sbrugna...
EUVD-2019-3931
Malware in sbrugna...
EUVD-2020-23282
Malware in sbrugna...