Category: Advisories

Juray Sarinay discovered that PDF documents signed with the adbe.pkcs7.sha1 standard were incompletely validated by LibreOffice, which could cause invalid signatures to be accepted as...

Posted by Artur Janicki via Fulldisclosure on Apr 26 [APOLOGIES FOR CROSS-POSTING] CALL FOR PAPERS 14th International Workshop on Cyber Crime (IWCC 2025 - https://2025.ares-conference.eu/program/iwcc/)...

Posted by Daniel Owens via Fulldisclosure on Apr 26 Inedo ProGet 2024.22 and below are vulnerable to unauthenticated denial of service and information disclosure attacks...

Posted by Daniel Owens via Fulldisclosure on Apr 26 Good morning. All current versions and all versions since the 2022/2023 "fix" to the Rails cross-site...

Posted by hyp3rlinx on Apr 26 [-] Microsoft ".library-ms" File / NTLM Information Disclosure Spoofing (Resurrected 2025) / CVE-2025-24054 [+] John Page (aka hyp3rlinx) [+]...

FEDORA-2025-eecb0ea534 Packages in this update: kappanhang-0-0.3.20250427gitdffb773.fc41 Update description: Update to git snapshot dffb773 Read More

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. https://security-tracker.debian.org/tracker/DSA-5907-1 Read More

A vulnerability has been discovered in SAP NetWeaver Visual Composer, which could allow for remote code execution. SAP NetWeaver Visual Composer is SAP’s web-based software...

Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to...

What is the Vulnerability?A critical path traversal vulnerability has been identified in Commvault's Command Center Innovation Release. The vulnerability, tracked as CVE-2025-34028, has been assigned...