ZDI-25-126: (0Day) Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-2022.

USN-7449-2: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

April 24, 2025

USN-7463-1: Linux kernel (IBM) vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...

April 24, 2025

xz-5.8.1-2.fc42

FEDORA-2025-7f00e5e744 Packages in this update: xz-5.8.1-2.fc42 Update description: New upstream version 5.8.1 (with a rebuild to try and fix a...

April 24, 2025

USN-7462-2: Linux kernel (AWS FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

April 24, 2025

USN-7462-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

April 24, 2025

USN-7461-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

April 24, 2025

ELENOR-corp Ransomware Targets Healthcare Sector

Blue Shield of California Data Breach Affects 4.7 Million Members

Highest-Risk Security Flaw Found in Commvault Backup Solutions

Verizon DBIR: Small Businesses Bearing the Brunt of Ransomware Attacks

Ransomware Attacks Fall Sharply in March

ETSI Unveils New Baseline Requirements for Securing AI

Ofcom Lays Down the Law with Child Safety Rules for Tech Giants

Smashing Security podcast #414: Zoom.. just one click and your data goes boom!

From Fast to Smart: Rethinking Incident Response Metrics

ZDI-25-126: (0Day) Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability

USN-7449-2: Linux kernel (HWE) vulnerabilities

USN-7463-1: Linux kernel (IBM) vulnerabilities

xz-5.8.1-2.fc42

USN-7462-2: Linux kernel (AWS FIPS) vulnerabilities

USN-7462-1: Linux kernel vulnerabilities

USN-7461-2: Linux kernel (FIPS) vulnerabilities