photog.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for your photos and banter. Photog first is our motto Please refer to the site rules before posting.

Administered by:

Server stats:

263
active users

#cve

10 posts10 participants0 posts today
Cedric<p>The Global CVE (GCVE) allocation system is decentralized approach to vulnerability identification and numbering. The GCVE registry is a key component.</p><p>For this reason the registry is digitally signed using an RSA public key with SHA-512.</p><p>Thanks to the GCVE Python client, updating your local copy of the registry and verifying its integrity is just one command away:</p><p> $ gcve registry --pull</p><p>Learn more: <a href="https://gcve.eu" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gcve.eu</span><span class="invisible"></span></a></p><p><a href="https://social.circl.lu/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a> <a href="https://social.circl.lu/tags/CVD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVD</span></a> <a href="https://social.circl.lu/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://social.circl.lu/tags/GCVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GCVE</span></a> <a href="https://social.circl.lu/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://social.circl.lu/tags/VulnerabilityLookup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityLookup</span></a></p>
Eckes :mastodon:<p>Jetzt musste ich xx (censored) Jahre alt werden um meine erste CVE vorzuschlagen. </p><p>Aber naja mit Hilfe von GitHub geht das relativ einfach, mal sehen ob sie es auch publishen <a href="https://zusammenkunft.net/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://zusammenkunft.net/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://zusammenkunft.net/tags/nettools" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nettools</span></a><br><a href="https://github.com/ecki/net-tools/security/advisories?state=published" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/ecki/net-tools/secu</span><span class="invisible">rity/advisories?state=published</span></a></p>
Richi Jennings<p>EU Vulnerability Database (<a href="https://vmst.io/tags/EUVD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EUVD</span></a>) launches this week. And not a moment too soon.</p><p>The EU Agency for Cybersecurity (<a href="https://vmst.io/tags/ENISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ENISA</span></a>) has brought EUVD out of beta. Born from a 2022 EU law, EUVD will work alongside MITRE’s Common Vulnerabilities and Exposures database (<a href="https://vmst.io/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a>)—the future of which is still hazy after last month’s last-minute funding reprieve.</p><p>ENISA executive director Juhan Lepassaar (pictured) is keen to get on with the job. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SBBlogwatch</span></a>, we take this kiss throughout the world.</p><p>@TheFuturumGroup @TechstrongGroup @SecurityBlvd: <a href="https://securityboulevard.com/2025/05/euvd-launch-cve-richixbw/?utm_source=richisoc&amp;utm_medium=social&amp;utm_content=richisoc&amp;utm_campaign=richisoc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2025/05/</span><span class="invisible">euvd-launch-cve-richixbw/?utm_source=richisoc&amp;utm_medium=social&amp;utm_content=richisoc&amp;utm_campaign=richisoc</span></a></p>
moltenbit<p><a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a>-2025-30386 released today by <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a> sounds worrying:</p><p>„In the worst-case email attack scenario, an attacker could send a specially crafted email to the user without a requirement that the victim open, read, or click on the link.“ - leading to RCE.</p>
Alexandre Dulaunoy<p>Many are complaining about CISA removing the RSS feed for KEV. Just a reminder: we expose a lot of the API via RSS and Atom in vulnerability-lookup. KEV is included.</p><p>🔗 <a href="https://www.vulnerability-lookup.org/user-manual/feed-syndication/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">vulnerability-lookup.org/user-</span><span class="invisible">manual/feed-syndication/</span></a></p><p><a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
Brian Greenberg :verified:<p>⚠️ The EU 🇪🇺 to launch its own vulnerability database because the US is dropping the ball 🇺🇸 😢 — and the timing couldn’t be more telling 🛡️</p><p>In response to growing digital sovereignty concerns, NIS2 compliance, and calls for vendor accountability, the EU is building a public vulnerability catalog. The goal?<br>📂 Track and disclose security bugs across government, industry, and open source<br>🔍 Complement—not compete with—the CVE Program<br>📊 Increase trust, transparency, and resilience within the bloc</p><p>But let’s be honest:<br>🤝 Multiple public vuln databases means we must align identifiers, disclosure standards, and data feeds—or risk fragmentation<br>💡 Transparency is great, but what about verification, consistency, and maintenance?<br>📉 And if vendors or agencies self-report, how do we ensure accuracy or prevent omission?</p><p>Done right, this could increase pressure on lagging suppliers and elevate accountability. But if we don’t connect the dots globally, we may just multiply confusion.</p><p>What do you think: smart evolution or coordination nightmare?</p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://infosec.exchange/tags/EU" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EU</span></a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://infosec.exchange/tags/NIS2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NIS2</span></a> <a href="https://infosec.exchange/tags/SoftwareSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SoftwareSecurity</span></a> <a href="https://infosec.exchange/tags/Governance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Governance</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloud</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <br><a href="https://www.theregister.com/2025/05/13/eu_security_bug_database/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theregister.com/2025/05/13/eu_</span><span class="invisible">security_bug_database/</span></a></p>
Mare Polaris<p>Seems we got our own thing now</p><p><a href="https://mastodon.social/tags/euvd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>euvd</span></a> <a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/eupol" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eupol</span></a> </p><p><a href="https://euvd.enisa.europa.eu/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">euvd.enisa.europa.eu/</span><span class="invisible"></span></a></p>
Cedric<p>RSS feed for CISA KEV vulnerabilities, powered by Vulnerability-Lookup:</p><p><a href="https://www.vulnerability-lookup.org/user-manual/feed-syndication/#most-recent-entries-from-known-exploited-vulnerabilities" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">vulnerability-lookup.org/user-</span><span class="invisible">manual/feed-syndication/#most-recent-entries-from-known-exploited-vulnerabilities</span></a></p><p><a href="https://fosstodon.org/tags/rss" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>rss</span></a> <a href="https://fosstodon.org/tags/cisa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cisa</span></a> <a href="https://fosstodon.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://fosstodon.org/tags/feed" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>feed</span></a> <a href="https://fosstodon.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://fosstodon.org/tags/OpenData" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenData</span></a> <a href="https://fosstodon.org/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://fosstodon.org/tags/VulnerabilityLookup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityLookup</span></a></p>
Matt "msw" Wilson<p>setuid root screen is a gift that just keeps on giving…</p><p><a href="https://mstdn.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://mstdn.social/tags/CVE_2025_23395" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2025_23395</span></a> <a href="https://mstdn.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://mstdn.social/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> <a href="https://mstdn.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a><br><a href="https://security.opensuse.org/2025/05/12/screen-security-issues.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">security.opensuse.org/2025/05/</span><span class="invisible">12/screen-security-issues.html</span></a></p>
Kevin Bowen :xfce:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@Viss" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Viss</span></a></span> </p><p>Oh my. I...I thought that was a spoof pic. I should know better by now. *sigh*</p><p><a href="https://www.theregister.com/2025/05/12/cisa_vulnerabilities_updates_x/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theregister.com/2025/05/12/cis</span><span class="invisible">a_vulnerabilities_updates_x/</span></a></p><p><a href="https://fosstodon.org/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://fosstodon.org/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://fosstodon.org/tags/OMGWTFBBQ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMGWTFBBQ</span></a></p>
Tod Beardsley<p>Btw if you agree that the USG should no longer be the sole funder of <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a>, I have an open letter to Congress that you’re welcome to sign. </p><p><a href="https://resist.bot/petitions/PWDDUS" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">resist.bot/petitions/PWDDUS</span><span class="invisible"></span></a></p><p><span class="h-card" translate="no"><a href="https://mastodon.social/@resistbot" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>resistbot</span></a></span> is easy and fun to use.</p>
Tod Beardsley<p>Oh, the US government wouldn’t consider turning off the <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> databse! It’s critical cybersecurity infrastructure!</p><p><a href="https://infosec.exchange/tags/NOAA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NOAA</span></a> has entered the chat: <a href="https://www.cnn.com/2025/05/08/climate/noaa-ends-disaster-database" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cnn.com/2025/05/08/climate/noa</span><span class="invisible">a-ends-disaster-database</span></a></p><p>Don’t think it can’t happen here, too.</p>
CVE Program<p>794 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of April 28, 2025 <br> <br><a href="https://cisa.gov/news-events/bulletins/sb25-125" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cisa.gov/news-events/bulletins</span><span class="invisible">/sb25-125</span></a> <br> <br><a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/CVEID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVEID</span></a> <a href="https://mastodon.social/tags/CVSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVSS</span></a> <a href="https://mastodon.social/tags/CWE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CWE</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/HSSEDI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HSSEDI</span></a> <a href="https://mastodon.social/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a></p>
Victoria (K8VSY) (she/her)<p>Make sure to update your Meshtastic devices to at least 2.6.2 or newer!</p><p>"This attack does not require authentication or user interaction, as long as the target device rebroadcasts packets on the default channel."</p><p><a href="https://www.cvedetails.com/cve/CVE-2025-24797/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cvedetails.com/cve/CVE-2025-24</span><span class="invisible">797/</span></a></p><p><a href="https://mastodon.radio/tags/Meshtastic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Meshtastic</span></a> <a href="https://mastodon.radio/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.radio/tags/Mesh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mesh</span></a> <a href="https://mastodon.radio/tags/MeshRadio" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MeshRadio</span></a> <a href="https://mastodon.radio/tags/Lora" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Lora</span></a> <a href="https://mastodon.radio/tags/hamr" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hamr</span></a> <a href="https://mastodon.radio/tags/HamRadio" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HamRadio</span></a> <a href="https://mastodon.radio/tags/AmateurRadio" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AmateurRadio</span></a></p>
CERT@VDE<p><a href="https://infosec.exchange/tags/OT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OT</span></a> <a href="https://infosec.exchange/tags/Advisory" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Advisory</span></a> <a href="https://infosec.exchange/tags/Update" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Update</span></a> VDE-2023-046<br>WAGO: Multiple products vulnerable to local file inclusion</p><p>An attacker with administrative privileges which can access sensitive files can additionally access them in an unintended, undocumented way.<br>UPDATE 07.05.2025:&nbsp;The fixed versions have been updated, because the previously mentioned versions are still vulnerable to this issue. More details have been added to the hardware devices. More affected version numbers were added to the firmwares.<br><a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> CVE-2023-4089</p><p><a href="https://certvde.com/en/advisories/VDE-2023-046" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">certvde.com/en/advisories/VDE-</span><span class="invisible">2023-046</span></a></p><p><a href="https://infosec.exchange/tags/CSAF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CSAF</span></a> <a href="https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-046.json" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">wago.csaf-tp.certvde.com/.well</span><span class="invisible">-known/csaf/white/2023/vde-2023-046.json</span></a></p>
CVE Program<p>“CNA Enrichment Recognition” - 251 CNAs on the list for May 5, 2025 <br> <br>Published every 2 weeks, this list recognizes those CVE Numbering Authorities (<a href="https://mastodon.social/tags/CNAs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CNAs</span></a>) actively providing <a href="https://mastodon.social/tags/CVSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVSS</span></a> and <a href="https://mastodon.social/tags/CWE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CWE</span></a> vulnerability data in their <a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> Records <br> <br><a href="https://medium.com/@cve_program/vulnerability-data-enrichment-for-cve-records-251-cnas-on-the-enrichment-recognition-list-for-may-0c56e3d382d1" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">medium.com/@cve_program/vulner</span><span class="invisible">ability-data-enrichment-for-cve-records-251-cnas-on-the-enrichment-recognition-list-for-may-0c56e3d382d1</span></a></p>
Xavier «X» Santolaria :verified_paw: :donor:<p>Updates from the <a href="https://infosec.exchange/tags/CVEFoundation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVEFoundation</span></a></p><blockquote><p>Representatives from the CVE Foundation met with representatives from CISA on 4/24/2025. The talks were positive and encouraging. All parties wish to keep the conversation and progress moving forward.</p></blockquote><p><a href="https://www.thecvefoundation.org/news" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">thecvefoundation.org/news</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/mitre" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mitre</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a></p>
apfeltalk :verified:<p>AirPlay-Sicherheitslücken bedrohen Millionen Geräte – auch Drittanbieter betroffen<br>Eine neue Analyse der Sicherheitsfirma Oligo offenbart gravierende Schwachstellen im AirPlay-Protokoll von App<br><a href="https://www.apfeltalk.de/magazin/feature/airplay-sicherheitsluecken-bedrohen-millionen-geraete-auch-drittanbieter-betroffen/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">apfeltalk.de/magazin/feature/a</span><span class="invisible">irplay-sicherheitsluecken-bedrohen-millionen-geraete-auch-drittanbieter-betroffen/</span></a><br><a href="https://creators.social/tags/Feature" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Feature</span></a> <a href="https://creators.social/tags/iPhone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iPhone</span></a> <a href="https://creators.social/tags/AirPlay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AirPlay</span></a> <a href="https://creators.social/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a> <a href="https://creators.social/tags/CarPlay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CarPlay</span></a> <a href="https://creators.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://creators.social/tags/Drittanbieter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Drittanbieter</span></a> <a href="https://creators.social/tags/iOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iOS</span></a> <a href="https://creators.social/tags/ITSicherheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITSicherheit</span></a> <a href="https://creators.social/tags/macOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>macOS</span></a> <a href="https://creators.social/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://creators.social/tags/Netzwerksicherheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Netzwerksicherheit</span></a> <a href="https://creators.social/tags/Oligo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Oligo</span></a> <a href="https://creators.social/tags/RemoteCodeExecution" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RemoteCodeExecution</span></a> <a href="https://creators.social/tags/Sicherheitslcke" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Sicherheitslcke</span></a> <a href="https://creators.social/tags/Update" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Update</span></a></p>
gcve.eu<p>Seven new GNAs have been registered on GCVE.EU !</p><p>We're glad to see the community grow and are open to new GNA applications </p><p>🔗 JSON <a href="https://gcve.eu/dist/gcve.json" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gcve.eu/dist/gcve.json</span><span class="invisible"></span></a><br>🔗 Why and How to become a GNA <a href="https://gcve.eu/about/#eligibility-and-process-to-obtain-a-gna-id" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gcve.eu/about/#eligibility-and</span><span class="invisible">-process-to-obtain-a-gna-id</span></a></p><p><a href="https://social.circl.lu/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://social.circl.lu/tags/gcve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gcve</span></a> <a href="https://social.circl.lu/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilities</span></a> <a href="https://social.circl.lu/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
Vitex<p>glibc (2.41-7) unstable; urgency=medium</p><p> Starting with glibc 2.41, shared libraries requiring an executable stack<br> cannot be dynamically loaded through the <a href="https://f.cz/tags/dlopen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dlopen</span></a> mechanism from a binary that<br> does not require an executable stack. This change aims to improve security,<br> as the previous behavior was used as a vector for RCE (<a href="https://f.cz/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a>-2023-38408).<br> Attempting to do so will result in the following error:</p><p> cannot enable executable stack as shared object requires: Invalid argument</p><p> While most libraries generated in the past 20 years do not require an<br> executable stack, some third-party software still need this capability. Many<br> vendors have already updated their binaries to address this.</p><p> If you need to run a program that requires an executable stack through<br> dynamic loaded shared libraries, you can use the glibc.rtld.execstack<br> tunable:</p><p> Glibc6_TUNABLES=glibc.rtld.execstack=2 ./program</p><p> -- Aurelien Jarno &lt;aurel32@debian.org&gt; Sun, 13 Apr 2025 14:41:11 +0200</p><p><a href="https://f.cz/tags/Debian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Debian</span></a> <a href="https://f.cz/tags/Changelog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Changelog</span></a> <a href="https://f.cz/tags/GLibC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GLibC</span></a> <a href="https://f.cz/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://f.cz/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a></p>