CVE ID : CVE-2024-55069
Published : May 2, 2025, 10:15 p.m. | 1 hour, 15 minutes ago
Description : ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamf_read_header in /libavformat/iamfdec.c.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-21572
Published : May 2, 2025, 10:15 p.m. | 1 hour, 15 minutes ago
Description : OpenGrok 1.13.25 has a reflected Cross-Site Scripting (XSS) issue when producing the history view page. This happens through improper handling of path segments. The application reflects unsanitized user input into the HTML output.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-46723
Published : May 2, 2025, 11:15 p.m. | 15 minutes ago
Description : OpenVM is a performant and modular zkVM framework built for customization and extensibility. In version 1.0.0, OpenVM is vulnerable to overflow through byte decomposition of pc in AUIPC chip. A typo results in the highest limb of pc being range checked to 8-bits instead of 6-bits. This results in the if statement never being triggered because the enumeration gives i=0,1,2, when instead the enumeration should give i=1,2,3, leaving pc_limbs[3] range checked to 8-bits instead of 6-bits. This leads to a vulnerability where the pc_limbs decomposition differs from the true pc, which means a malicious prover can make the destination register take a different value than the AUIPC instruction dictates, by making the decomposition overflow the BabyBear field. This issue has been patched in version 1.1.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Cyber Brief 25-05 – April 2025
Cyber Brief (April 2025)May 2, 2025 – Version: 1TLP:CLEARExecutive summaryWe analysed 311 open source reports for this Cyber Brief1.Policy, cooperation, and law enforcement. The FBI sought help to ide …
Read more
Published Date:
May 02, 2025 (4 hours, 4 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-31201
CVE-2025-31200
CVE-2025-22457
CVE-2025-24054
CVE-2024-43451
CVE-2019-0708
CVE-2017-11882
CVE ID : CVE-2025-3879
Published : May 2, 2025, 5:15 p.m. | 2 hours, 14 minutes ago
Description : Vault Community, Vault Enterprise (“Vault”) Azure Auth method did not correctly validate the claims in the Azure-issued token, resulting in the potential bypass of the bound_locations parameter on login. Fixed in Vault Community Edition 1.19.1 and Vault Enterprise 1.19.1, 1.18.7, 1.17.14, 1.16.18.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-45800
Published : May 2, 2025, 5:15 p.m. | 2 hours, 14 minutes ago
Description : TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a command execution vulnerability in the setDeviceName interface of the /lib/cste_modules/global.so library, specifically in the processing of the deviceMac parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-46332
Published : May 2, 2025, 5:15 p.m. | 2 hours, 14 minutes ago
Description : Flags SDK is an open-source feature flags toolkit for Next.js and SvelteKit. Impacted versions include flags from 3.2.0 and prior and @vercel/flags from 3.1.1 and prior as certain circumstances allows a bad actor with detailed knowledge of the vulnerability to list all flags returned by the flags discovery endpoint (.well-known/vercel/flags). This vulnerability allows for information disclosure, where a bad actor could gain access to a list of all feature flags exposed through the flags discovery endpoint, including the flag names, flag descriptions, available options and their labels (e.g. true, false), and default flag values. This issue has been patched in flags@4.0.0, users of flags and @vercel/flags should also migrate to flags@4.0.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4213
Published : May 2, 2025, 6:15 p.m. | 1 hour, 15 minutes ago
Description : A vulnerability has been found in PHPGurukul Online Birth Certificate System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
Attackers have been using two previously known vulnerabilities (CVE-2024-38475, CVE-2023-44221) to compromise SonicWall secure mobile access devices, the vendor has confirmed by updating the associate …
Read more
Published Date:
May 02, 2025 (3 hours, 41 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-23006
CVE-2024-38475
CVE-2023-44221
CVE-2021-20035
US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks
A 36-year-old Yemeni national, who is believed to be the developer and primary operator of ‘Black Kingdom’ ransomware, has been indicted by the United States for conducting 1,500 attacks on Microsoft …
Read more
Published Date:
May 02, 2025 (2 hours, 26 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2021-27065
CVE-2021-26858
CVE-2021-26857
CVE-2021-26855
CVE-2019-11510
VS klaagt verdachte aan voor ransomware-aanvallen tegen Exchange-servers
De Amerikaanse autoriteiten hebben een 36-jarige man uit Yemen aangeklaagd voor het uitvoeren van ransomware-aanvallen tegen Microsoft Exchange-servers van allerlei organisaties. Het zou onder andere …
Read more
Published Date:
May 02, 2025 (2 hours, 8 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2021-27065
CVE ID : CVE-2025-2605
Published : May 2, 2025, 1:15 p.m. | 3 hours, 13 minutes ago
Description : Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09.Honeywell also recommends updating to the most recent version of this product.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2023-53121
Published : May 2, 2025, 4:15 p.m. | 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
tcp: tcp_make_synack() can be called from process context
tcp_rtx_synack() now could be called in process context as explained in
0a375c822497 (“tcp: tcp_rtx_synack() can be called from process
context”).
tcp_rtx_synack() might call tcp_make_synack(), which will touch per-CPU
variables with preemption enabled. This causes the following BUG:
BUG: using __this_cpu_add() in preemptible [00000000] code: ThriftIO1/5464
caller is tcp_make_synack+0x841/0xac0
Call Trace:
dump_stack_lvl+0x10d/0x1a0
check_preemption_disabled+0x104/0x110
tcp_make_synack+0x841/0xac0
tcp_v6_send_synack+0x5c/0x450
tcp_rtx_synack+0xeb/0x1f0
inet_rtx_syn_ack+0x34/0x60
tcp_check_req+0x3af/0x9e0
tcp_rcv_state_process+0x59b/0x2030
tcp_v6_do_rcv+0x5f5/0x700
release_sock+0x3a/0xf0
tcp_sendmsg+0x33/0x40
____sys_sendmsg+0x2f2/0x490
__sys_sendmsg+0x184/0x230
do_syscall_64+0x3d/0x90
Avoid calling __TCP_INC_STATS() with will touch per-cpu variables. Use
TCP_INC_STATS() which is safe to be called from context switch.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2023-53123
Published : May 2, 2025, 4:15 p.m. | 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
PCI: s390: Fix use-after-free of PCI resources with per-function hotplug
On s390 PCI functions may be hotplugged individually even when they
belong to a multi-function device. In particular on an SR-IOV device VFs
may be removed and later re-added.
In commit a50297cf8235 (“s390/pci: separate zbus creation from
scanning”) it was missed however that struct pci_bus and struct
zpci_bus’s resource list retained a reference to the PCI functions MMIO
resources even though those resources are released and freed on
hot-unplug. These stale resources may subsequently be claimed when the
PCI function re-appears resulting in use-after-free.
One idea of fixing this use-after-free in s390 specific code that was
investigated was to simply keep resources around from the moment a PCI
function first appeared until the whole virtual PCI bus created for
a multi-function device disappears. The problem with this however is
that due to the requirement of artificial MMIO addreesses (address
cookies) extra logic is then needed to keep the address cookies
compatible on re-plug. At the same time the MMIO resources semantically
belong to the PCI function so tying their lifecycle to the function
seems more logical.
Instead a simpler approach is to remove the resources of an individually
hot-unplugged PCI function from the PCI bus’s resource list while
keeping the resources of other PCI functions on the PCI bus untouched.
This is done by introducing pci_bus_remove_resource() to remove an
individual resource. Similarly the resource also needs to be removed
from the struct zpci_bus’s resource list. It turns out however, that
there is really no need to add the MMIO resources to the struct
zpci_bus’s resource list at all and instead we can simply use the
zpci_bar_struct’s resource pointer directly.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2023-53122
Published : May 2, 2025, 4:15 p.m. | 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
RISC-V: fix taking the text_mutex twice during sifive errata patching
Chris pointed out that some bonehead, *cough* me *cough*, added two
mutex_locks() to the SiFive errata patching. The second was meant to
have been a mutex_unlock().
This results in errors such as
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000030
Oops [#1]
Modules linked in:
CPU: 0 PID: 0 Comm: swapper Not tainted
6.2.0-rc1-starlight-00079-g9493e6f3ce02 #229
Hardware name: BeagleV Starlight Beta (DT)
epc : __schedule+0x42/0x500
ra : schedule+0x46/0xce
epc : ffffffff8065957c ra : ffffffff80659a80 sp : ffffffff81203c80
gp : ffffffff812d50a0 tp : ffffffff8120db40 t0 : ffffffff81203d68
t1 : 0000000000000001 t2 : 4c45203a76637369 s0 : ffffffff81203cf0
s1 : ffffffff8120db40 a0 : 0000000000000000 a1 : ffffffff81213958
a2 : ffffffff81213958 a3 : 0000000000000000 a4 : 0000000000000000
a5 : ffffffff80a1bd00 a6 : 0000000000000000 a7 : 0000000052464e43
s2 : ffffffff8120db41 s3 : ffffffff80a1ad00 s4 : 0000000000000000
s5 : 0000000000000002 s6 : ffffffff81213938 s7 : 0000000000000000
s8 : 0000000000000000 s9 : 0000000000000001 s10: ffffffff812d7204
s11: ffffffff80d3c920 t3 : 0000000000000001 t4 : ffffffff812e6dd7
t5 : ffffffff812e6dd8 t6 : ffffffff81203bb8
status: 0000000200000100 badaddr: 0000000000000030 cause: 000000000000000d
[] schedule+0x46/0xce
[] schedule_preempt_disabled+0x16/0x28
[] __mutex_lock.constprop.0+0x3fe/0x652
[] __mutex_lock_slowpath+0xe/0x16
[] mutex_lock+0x42/0x4c
[] sifive_errata_patch_func+0xf6/0x18c
[] _apply_alternatives+0x74/0x76
[] apply_boot_alternatives+0x3c/0xfa
[] setup_arch+0x60c/0x640
[] start_kernel+0x8e/0x99c
—[ end trace 0000000000000000 ]—
[Palmer: pick up Geert’s bug report from the thread]
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2023-53125
Published : May 2, 2025, 4:15 p.m. | 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
net: usb: smsc75xx: Limit packet length to skb->len
Packet length retrieved from skb data may be larger than
the actual socket buffer length (up to 9026 bytes). In such
case the cloned skb passed up the network stack will leak
kernel memory contents.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2023-53124
Published : May 2, 2025, 4:15 p.m. | 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
Port is allocated by sas_port_alloc_num() and rphy is allocated by either
sas_end_device_alloc() or sas_expander_alloc(), all of which may return
NULL. So we need to check the rphy to avoid possible NULL pointer access.
If sas_rphy_add() returned with failure, rphy is set to NULL. We would
access the rphy in the following lines which would also result NULL pointer
access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2023-53127
Published : May 2, 2025, 4:15 p.m. | 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Fix expander node leak in mpi3mr_remove()
Add a missing resource clean up in .remove.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2023-53126
Published : May 2, 2025, 4:15 p.m. | 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove()
Free mrioc->sas_hba.phy at .remove.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2023-53129
Published : May 2, 2025, 4:15 p.m. | 34 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
ext4: Fix deadlock during directory rename
As lockdep properly warns, we should not be locking i_rwsem while having
transactions started as the proper lock ordering used by all directory
handling operations is i_rwsem -> transaction start. Fix the lock
ordering by moving the locking of the directory earlier in
ext4_rename().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…