Linux
Executive Summary CVE-2025-21590 is an Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks' Junos OS. This vulnerability allows a local attacker with high privileges to execute arbitrary code, compromising the integrity of the affected device. The issue is exploitable only through shell access and cannot be
Backdoor
Executive Summary CVE-2024-3094 is a critical supply chain vulnerability discovered in the XZ Utils compression library, specifically affecting versions 5.6.0 and 5.6.1. This vulnerability involves a malicious backdoor embedded in the upstream tarballs of the xz package. The backdoor was obfuscated within the build process of
Linux
Executive Summary CVE-2024-20328 is a command injection vulnerability discovered in the VirusEvent feature of ClamAV, a widely used open-source antivirus engine. This vulnerability allows a local attacker to execute arbitrary commands on the system with the privileges of the user running the ClamAV daemon (clamd). The root cause lies in