seclists.org

Open Source Security

Latest posts

Last updated about 4 hours ago

CVE-2025-54409 - aide (>= 0.13 <= 0.19.1): null pointer dereference after reading incorrectly encoded xattr attributes from database (local DoS)

about 4 hours ago

Posted by Hannes von Haugwitz on Aug 14: Summary: Rajesh Pangare discovered...

CVE-2025-54389 - aide (<= 0.19.1): improper output neutralization (potential AIDE detection bypass)

about 5 hours ago

Posted by Hannes von Haugwitz on Aug 14: Summary: Rajesh Pangare discovered...

CVE-2025-55675: Apache Superset: Incorrect datasource authorization on REST API

about 10 hours ago

Posted by Daniel Gaspar on Aug 14: Severity Affected versions: - Apache Superset...

CVE-2025-55674: Apache Superset: Improper SQL authorisation, parse not checking for specific engine functions

about 10 hours ago

Posted by Daniel Gaspar on Aug 14: Severity Affected versions: - Apache Superset...

CVE-2025-55672: Apache Superset: Store XSS on charts metadata

about 11 hours ago

Posted by Daniel Gaspar on Aug 14: Severity Affected versions: - Apache Superset...

CVE-2025-55673: Apache Superset: Metadata exposure in embedded charts

about 11 hours ago

Posted by Daniel Gaspar on Aug 14: Severity Affected versions: - Apache Superset...

Re: Question about (in)security of fdk-aac-free in linux distros

about 13 hours ago

Posted by Martin Storsjö on Aug 14: Hi Thanks for looping me in!...

Re: Question about (in)security of fdk-aac-free in linux distros

about 13 hours ago

Posted by Sam James on Aug 14: Jordan Glover <Golden_Miller83 () protonmail ch>...

Question about (in)security of fdk-aac-free in linux distros

1 day ago

Posted by Jordan Glover on Aug 13: This post presents question about (in)security...

Re: xterm terminal crash due to malicious character sequences in file name

1 day ago

Posted by Erik Auerswald on Aug 13: Hi I do not expect this...

Re: xterm terminal crash due to malicious character sequences in file name

1 day ago

Posted by Thomas Dickey on Aug 13: Vincent omitted his custom configuration (reverseWrap)...

HTTP/2 implementations are vulnerable to "MadeYouReset" DoS attack through HTTP/2 control frames

1 day ago

Posted by Alan Coopersmith on Aug 13: https://kb.cert.org/vuls/id/767506 was published today See https://kb.cert.org/vuls/id/767506...