111 matches found
Security Bulletin: Security Vulnerabilities were found in IBM Security Verify Directory (CVE-2018-2799)
Summary Security Vulnerabilities were addressed in IBM Security Verify Directory Vulnerability Details CVEID:CVE-2018-2799 DESCRIPTION: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171,...
SUSE-SU-2026:21978-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.31.1 fixes various security issues The following security issues were fixed: - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy bsc1261845. - CVE-2026-31406: xfrm: Fix work re-schedule after cancel in...
SUSE-SU-2026:22037-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.31.1 fixes various security issues The following security issues were fixed: - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy bsc1261845. - CVE-2026-31406: xfrm: Fix work re-schedule after cancel in...
SUSE-SU-2026:22036-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.32.1 fixes various security issues The following security issues were fixed: - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy bsc1261845. - CVE-2026-31406: xfrm: Fix work re-schedule after cancel in...
SUSE-SU-2026:21954-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.31.1 fixes various security issues The following security issues were fixed: - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy bsc1261845. - CVE-2026-31406: xfrm: Fix work re-schedule after cancel in...
Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in xercesImpl
Summary IBM SPSS Modeler is affected by multiple vulnerabilities in xercesImpl CVE-2009-2625, CVE-2012-0881, CVE-2013-4002, CVE-2020-14338, CVE-2022-23437. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2009-2625 DESCRIPTION: XMLScanner.java in Apache Xerces2...
SUSE-SU-2026:21525-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues The following security issues were fixed: - CVE-2026-23004: dst: fix races in rt6uncachedlistdel and rtdeluncachedlist bsc1258655. - CVE-2026-23204: net/sched: clsu32: use skbheaderpointercareful...
SUSE-SU-2026:21557-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues The following security issues were fixed: - CVE-2026-23004: dst: fix races in rt6uncachedlistdel and rtdeluncachedlist bsc1258655. - CVE-2026-23204: net/sched: clsu32: use skbheaderpointercareful...
SUSE-SU-2026:21556-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues The following security issues were fixed: - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy bsc1261845. - CVE-2026-31406: xfrm: Fix work re-schedule after cancel in...
SUSE-SU-2026:21524-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues The following security issues were fixed: - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy bsc1261845. - CVE-2026-31406: xfrm: Fix work re-schedule after cancel in...
BELL-CVE-2026-23437
Bulletin has no description...
DEBIAN-CVE-2026-23437
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
[SECURITY] [DLA 4462-1] pillow security update
Debian LTS Advisory DLA-4462-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert February 01, 2026 https://wiki.debian.org/LTS Package : pillow Version : 8.1.2+dfsg-0.3+deb11u3 CVE ID : CVE-2021-23437 CVE-2022-24303 CVE-2022-45198 Multiple vulnerabilities have been...
Debian dla-4462 : python-pil-doc - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4462 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4462-1 [email protected]...
CVE-2025-23437
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nordtramper ntp-header-images header-images-rotator allows Reflected XSS.This issue affects ntp-header-images: from n/a through = 1.2...
Linux Distros Unpatched Vulnerability : CVE-2022-23437
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There's a vulnerability within the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML...
Linux Distros Unpatched Vulnerability : CVE-2021-23437
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service ReDoS via the getrgb function. CVE-2021-23437 Note that Nessus...
CVE-2025-23437
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nordtramper ntp-header-images header-images-rotator allows Reflected XSS.This issue affects ntp-header-images: from n/a through = 1.2...
CVE-2025-23437
CVE-2025-23437 describes a reflected cross-site scripting vulnerability in the WordPress plugin ntp-header-images (NotFound) versions up to and including 1.2 . The issue stems from improper input neutralization during web page generation, enabling reflected XSS when processing input. Public docum...
CVE-2025-23437 WordPress ntp-header-images plugin <=1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound ntp-header-images allows Reflected XSS. This issue affects ntp-header-images: from n/a through 1.2...