CVE-2023-40920

Prixan prixanconnect up to v1.62 was discovered to contain a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::importProducts...

Fedora: Security Advisory (FEDORA-2025-6df5ab0b98)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-d72429a1f8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MAL-2025-40920 Malicious code in zephyr_2jlfx_jkovr_pinnacle (npm)

The package zephyr2jlfxjkovrpinnacle was found to contain malicious code...

CVE-2025-40920

creationtimestamp| type| source ---|---|--- 2025-08-11 22:22:37+00:00| seen| https://seclists.org/oss-sec/2025/q3/92 2025-08-11 22:22:37+00:00| seen| https://seclists.org/oss-sec/2025/q3/92 2025-08-11 22:22:37+00:00| seen| https://seclists.org/oss-sec/2025/q3/92 2025-08-11 22:22:37+00:00| seen|...

CVE-2025-40920

An insecure nonce generation flaw was found in the Catalyst::Authentication::Credential::HTTP perl module, where it does not use a strong cryptographic source for generating nonces. This flaw allows an attacker to decrypt communications. Mitigation Mitigation for this issue is either not availabl...

CVE-2025-40920

Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...

CVE-2025-40920 Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl use insecurely generated nonces

Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...

Linux Distros Unpatched Vulnerability : CVE-2024-40920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix suspicious rcu usage in brmstsetstate I converted brmstsetstate to RCU...

SUSE SLES15 Security Update : kernel RT (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2025:0268-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0268-1 advisory. This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge:...

SUSE-SU-2025:0269-1 Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. - CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781. ...

Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781...

SUSE-SU-2025:0268-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. - CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781. -...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2025:0263-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0263-1 advisory. This update for the Linux Kernel 6.4.0-15060021 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge:...

SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP6) (SUSE-SU-2025:0255-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0255-1 advisory. This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge:...

SUSE SLES15 Security Update : kernel (Live Patch 3 for SLE 15 SP6) (SUSE-SU-2025:0265-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0265-1 advisory. This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge...

SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP6) (SUSE-SU-2025:0262-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0262-1 advisory. This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge...

SUSE-SU-2025:0265-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. - CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781....

SUSE-SU-2025:0263-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-15060021 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. - CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781. -...

Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781...