CVE-2022-25274

Read Time:19 Second

Drupal 9.3 implemented a generic entity access API for entity revisions. However, this API was not completely integrated with existing permissions, resulting in some possible access bypass for users who have access to use revisions of content generally, but who do not have access to individual items of node and media content. This vulnerability only affects sites using Drupal’s revision system.

corosync-3.1.9-2.fc40

FEDORA-2025-0bafd025de Packages in this update: corosync-3.1.9-2.fc40 Update description: Security fix for CVE-2025-30472 Read More

March 26, 2025

varnish-7.5.0-3.fc41

FEDORA-2025-4453f596a8 Packages in this update: varnish-7.5.0-3.fc41 Update description: Security: This update includes fix for VSV00015 aka CVE-2025-30346. Upstream considers this...

March 26, 2025

corosync-3.1.9-2.fc41

FEDORA-2025-c55f39aeb3 Packages in this update: corosync-3.1.9-2.fc41 Update description: Security fix for CVE-2025-30472 Read More

March 26, 2025

corosync-3.1.9-3.fc42

FEDORA-2025-a350309ddb Packages in this update: corosync-3.1.9-3.fc42 Update description: Security fix for CVE-2025-30472 Read More

March 26, 2025

USN-7372-1: Varnish vulnerability

Martin van Kervel Smedshammer discovered that Varnish did not properly sanitize certain HTTP headers. A remote attacker could possibly use...

March 26, 2025

GitHub Actions Supply Chain Attack

What is the Attack?Recently, a popular third-party GitHub Action tj-actions/changed-files GitHub Action (CVE-2025-30066)- used by over 23,000 repositories- was compromised,...

March 26, 2025

ETSI Publishes New Quantum-Safe Encryption Standards

AI Data Poisoning

ENISA Probes Space Threat Landscape in New Report

UK Government’s New Fraud Strategy to Focus on Tech-Enabled Threats

New Android Malware Uses .NET MAUI to Evade Detection

Cybercriminals Use Atlantis AIO to Target 140+ Platforms

The AI Fix #43: I, for one, welcome our new robot overlords!

NIST Warns of Significant Limitations in AI/ML Security Mitigations

China-Linked Weaver Ant Hackers Exposed After Four-Year Telco Infiltration

corosync-3.1.9-2.fc40

varnish-7.5.0-3.fc41

corosync-3.1.9-2.fc41

corosync-3.1.9-3.fc42

USN-7372-1: Varnish vulnerability

GitHub Actions Supply Chain Attack