108 matches found
SUSE-SU-2026:21978-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.31.1 fixes various security issues. The following security issues were fixed: - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy bsc1261845. - CVE-2026-31406: xfrm: Fix work re-schedule after cancel in...
SUSE-SU-2026:21954-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.31.1 fixes various security issues. The following security issues were fixed: - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy bsc1261845. - CVE-2026-31406: xfrm: Fix work re-schedule after cancel in...
Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in xercesImpl
Summary IBM SPSS Modeler is affected by multiple vulnerabilities in xercesImpl CVE-2009-2625, CVE-2012-0881, CVE-2013-4002, CVE-2020-14338, CVE-2022-23437. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2009-2625 DESCRIPTION: XMLScanner.java in Apache Xerces2...
SUSE-SU-2026:21525-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues. The following security issues were fixed: - CVE-2026-23004: dst: fix races in rt6uncachedlistdel and rtdeluncachedlist bsc1258655. - CVE-2026-23204: net/sched: clsu32: use skbheaderpointercareful...
SUSE-SU-2026:21557-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues. The following security issues were fixed: - CVE-2026-23004: dst: fix races in rt6uncachedlistdel and rtdeluncachedlist bsc1258655. - CVE-2026-23204: net/sched: clsu32: use skbheaderpointercareful...
SUSE-SU-2026:21556-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues. The following security issues were fixed: - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy bsc1261845. - CVE-2026-31406: xfrm: Fix work re-schedule after cancel in...
SUSE-SU-2026:21524-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues. The following security issues were fixed: - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy bsc1261845. - CVE-2026-31406: xfrm: Fix work re-schedule after cancel in...
BELL-CVE-2026-23437 CVE-2026-23437 does not affect BellSoft software
Bulletin has no description...
DEBIAN-CVE-2026-23437
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
[SECURITY] [DLA 4462-1] pillow security update
Debian LTS Advisory DLA-4462-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert February 01, 2026 https://wiki.debian.org/LTS Package : pillow Version : 8.1.2+dfsg-0.3+deb11u3 CVE ID : CVE-2021-23437 CVE-2022-24303 CVE-2022-45198 Multiple vulnerabilities have been...
Debian dla-4462 : python-pil-doc - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4462 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4462-1 [email protected]...
CVE-2025-23437
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nordtramper ntp-header-images header-images-rotator allows Reflected XSS. This issue affects ntp-header-images: from n/a through <= 1.2...
Linux Distros Unpatched Vulnerability : CVE-2022-23437
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There's a vulnerability within the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML...
Linux Distros Unpatched Vulnerability : CVE-2021-23437
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function. CVE-2021-23437 Note that Nessus...
CVE-2025-23437 WordPress ntp-header-images plugin <=1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nordtramper ntp-header-images header-images-rotator allows Reflected XSS. This issue affects ntp-header-images: from n/a through <= 1.2...
CVE-2025-23437 WordPress ntp-header-images plugin <=1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound ntp-header-images allows Reflected XSS. This issue affects ntp-header-images: from n/a through 1.2...
CVE-2025-23437
CVE-2025-23437 describes a reflected cross-site scripting vulnerability in the WordPress plugin ntp-header-images (NotFound) versions up to and including 1.2. The issue stems from improper input neutralization during web page generation, enabling reflected XSS when processing input. Public docum...
Advisory ROSA-SA-2025-2621
software: xerces-j2 2.12.0 WASP: ROSA-CHROME packageevrstring: xerces-j2-2.12.0-4 CVE-ID: CVE-2022-23437 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Apache Xerces Java XercesJ XML parser causes it to hang in an infinite loop when processing specially crafted XML documents...
CVE-2024-23437
creationtimestamp | type | source
---|---|---
2025-01-01 00:19:19+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lenbz7vcqu2k
2025-01-01 02:16:42+00:00 | seen | https://t.me/cvedetector/14071...