VLC plugs various security holes

Version 3.0.23 of the VLC Media Player fixes various vulnerabilities that could potentially allow the injection of malicious ...
WeLiveSecurity

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of the most widely used image ...

After testing over 125,000 Linux bugs, one researcher found the average one takes over two years to be fixed

Linux is a beautiful thing. From a completely open-source base, we have probably ten quintillion different distros that treat ...
GitHub

Parse, Resolve, and Dereference JSON Schema $ref pointers

You've got a JSON Schema with $ref pointers to other files and/or URLs. Maybe you know all the referenced files ahead of time. Maybe you don't. Maybe some are local ...
GitHub

[Bugs] UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference #781

Bug Decription A critical security vulnerability exists in the UDM's HTTP callback API where a POST request to the /sdm-subscriptions endpoint with a malformed or unexpected URL path causes a nil ...
sei.cmu

CERT Division

The CERT Division is a leader in cybersecurity. We partner with government, industry, law enforcement, and academia to improve the security and resilience of computer systems and networks. We study ...