Overview
- Python Packaging Authority
- pip
- pip
Description
Statistics
- 1 Post
Overview
- Qualcomm, Inc.
- Snapdragon
Description
Statistics
- 1 Post
Fediverse
🟠 CVE-2025-47358 - High (7.8)
Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-47358/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- Qualcomm, Inc.
- Snapdragon
Description
Statistics
- 2 Posts
Fediverse
Qualcomm released the security bulletin for February 2026: CVE-2025-47397 is the GPU IOMMU issue mentioned in 39c3’s Build a Fake Phone, Find Real Bugs session. (at the 28 minute mark) The presenter said that they’ll “update the presentation’s repository with the technical details once the CVE is shared publicly”, Looking forward to reading that…
Qualcomm’s CVE-2025-47397 patch doesn’t make sense on kernel 5.10: 5.10 isn’t vulnerable to the issue in the first place!
The bug was only introduced in kernel 5.15.
(Interestingly, some poor dev at MediaTek hit the exact same bug in 2022: searching for “iommu_map_sg cve” gives me this fix commit)
Overview
- Native Instruments
- Native Access
Description
Statistics
- 2 Posts
Fediverse
🔴 CVE-2026-24071 - Critical (9.3)
It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24071/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- Oracle Corporation
- MySQL Cluster
Description
Statistics
- 1 Post
Overview
- IBM
- WebSphere Application Server Liberty
Description
Statistics
- 1 Post
Fediverse
🟠 CVE-2025-14914 - High (7.6)
IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14914/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- ASUSTOR
- ADM
- AD Domain
Description
Statistics
- 1 Post
Overview
Description
Statistics
- 1 Post
Fediverse
CVE-2026-24512: ingress-nginx rules.http.paths.path nginx configuration injection - https://github.com/kubernetes/kubernetes/issues/136678
Overview
- Ivanti
- Endpoint Manager Mobile
Description
Statistics
- 2 Posts
Fediverse
Aktuelle Neuigkeiten: Aktive Ausnutzung von Sicherheitslücken in Ivanti Endpoint Manager Mobile (CVE-2026-1281, CVE-2026-1340)
https://www.cert.at/de/aktuelles/2026/2/aktive-ausnutzung-von-sicherheitslucken-in-ivanti-endpoint-manager-mobile-cve-2026-1281-cve-2026-1340