MINI-VH9G-HHCW-4948

Bulletin has no description...

CLSA-2026-1778887961 firewalld: Fix of CVE-2026-4948

CVE-2026-4948: use PKACTIONCONFIG for setZoneSettings2/setPolicySettings to require write authorization...

Security update for firewalld

This update for firewalld fixes the following issue: CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations bsc1260903. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

SUSE-SU-2026:1872-1 Security update for firewalld

This update for firewalld fixes the following issue: - CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations bsc1260903...

OESA-2026-1858 firewalld security update

firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. Security Fixes: A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and...

OESA-2026-1856 firewalld security update

firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. Security Fixes: A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and...

CVE-2026-4948

creationtimestamp| type| source ---|---|--- 2026-03-27 08:46:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhzq6syvre2d 2026-04-04 07:26:19+00:00| seen| https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3minpgr7g4d26...

Linux Distros Unpatched Vulnerability : CVE-2026-4948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSetting...

Oracle Linux 7 : libsoup (ELSA-2026-2628)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2628 advisory. - Fixes CVE-2026-0719 CVE-2026-1761 Orabug: 38958074 - Fix CVE-2025-14523 Orabug: 38873507 - Backport patch for CVE-2025-4945 and CVE-2025-11021 Orabug...

Oracle Linux 7 : libsoup (ELSA-2026-0925)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0925 advisory. - Fix CVE-2025-14523 Orabug: 38873507 - Backport patch for CVE-2025-4945 and CVE-2025-11021 Orabug: 38664275 - Fixes CVE-2025-2784 CVE-2025-4948 CVE-2025-32049...

libsoup security update

2.62.2-2.0.9 - Fix CVE-2025-14523 Orabug: 38873507 2.62.2-2.0.7 - Backport patch for CVE-2025-4945 and CVE-2025-11021 Orabug: 38664275 2.62.2-2.0.5 - Fixes CVE-2025-2784 CVE-2025-4948 CVE-2025-32049 Orabug: 38085184 - CVE-2025-32906 CVE-2025-32911 CVE-2025-32913 CVE-2025-32914 2.62.2-2.0.3 - Fixe...

MiracleLinux 9 : libsoup-2.72.0-10.el9_6.2 (AXSA:2025-10489:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10489:08 advisory. libsoup: Heap buffer over-read in skipinsignificantspace when sniffing content CVE-2025-2784 libsoup: Denial of Service attack to websocket server...

CVE-2009-4948

Cross-site scripting XSS vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Oracle Linux 7 : libsoup (ELSA-2025-21657)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21657 advisory. - Backport patch for CVE-2025-4945 and CVE-2025-11021 Orabug: 38664275 - Fixes CVE-2025-2784 CVE-2025-4948 CVE-2025-32049 Orabug: 38085184 -...

libsoup security update

2.62.2-2.0.7 - Backport patch for CVE-2025-4945 and CVE-2025-11021 Orabug: 38664275 2.62.2-2.0.5 - Fixes CVE-2025-2784 CVE-2025-4948 CVE-2025-32049 Orabug: 38085184 - CVE-2025-32906 CVE-2025-32911 CVE-2025-32913 CVE-2025-32914 2.62.2-2.0.3 - Fixed CVE-2024-52531 buffer overflow via UTF-8 conversi...

Debian dla-4398 : gir1.2-soup-2.4 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4398 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4398-1 [email protected]...

ROOT-OS-DEBIAN-12-CVE-2025-4948 CVE-2025-4948 in rootio-libsoup3 - Patched by Root

Root has patched CVE-2025-4948 in the rootio-libsoup3 package for Root:Debian:12. Multiple fixed versions available...

TencentOS Server 4: libsoup (TSSA-2025:0413)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0413 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Huawei EulerOS: Security Advisory for libsoup (EulerOS-SA-2025-2103)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in libsoup library (CVE-2025-2784, CVE-2025-4948, CVE-2025-32049, CVE-2025-32914) affect Power HMC.

Summary The libsoup library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-2784 DESCRIPTION: A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the...