CVE-2025-31973 HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'

HCL BigFix Service Management SM is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...

CVE-2025-31973

Technical details for CVE-2025-31973 are not publicly available in the provided documents. Monitor for updates.

CVE-2025-31973

HCL BigFix Service Management SM is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...

EUVD-2025-209905

HCL BigFix Service Management SM is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...

CVE-2025-31973 HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'

HCL BigFix Service Management SM is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...

RHSA-2026:19180 Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

Bulletin has no description...

RHSA-2026:19024 Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

Bulletin has no description...

Astra Linux - уязвимость в node-cipher-base

There is a vulnerability in improper input validation in the cipher-base module, which allows for manipulation of input data. This issue affects cipher-base version 1.0.4...

Astra Linux - уязвимость в 389-ds-base

A heap overflow flaw was discovered in 389-ds-base. This issue causes a denial of service when writing a value larger than 256 characters in logentryattr...

Astra Linux - уязвимость в 389-ds-base

When using a syncrepl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, resulting in a crash...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: net: fec: fixed the potential memory leak in fecenetinit. If the memory allocated for cbdbase fails, it should free the memory allocated for the queues; otherwise, a memory leak will occur. And if the memory allocated for the...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: cxgb4: Avoid accessing registers when clearing filters. A hardware register that contains the server TID base can contain invalid values when the adapter is in a faulty state for example, due to an AER fatal error. Reading these...

Astra Linux - уязвимость в 389-ds-base

In the 389-ds-base up to version 1.4.1.2, requests are processed by worker threads. Each socket is waited for by the worker for no more than ‘ioblocktimeout’ seconds. However, this timeout applies only to un-encrypted requests. Connections that use SSL/TLS do not take this timeout into account...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Fixed the enumeration of protocols in the base protocol. When enumerating the protocols implemented by the SCMI platform using BASEDISCOVERLISTPROTOCOLS, the number of protocols returned is currently validated ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpbasemss. When reading sysctltcpbasemss, it can be changed concurrently. Therefore, we need to add READONCE to its readers...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Set the hugetlb mmap base address to be aligned with the pmd size. With the ltp test case “testcases/bin/hugefork02”, there is a dmesg error report message, such as: kernel BUG at mm/hugetlb.c:5550! Oops - BUG1: CPU: 0...

Astra Linux - уязвимость в slapi-nis

A flaw was discovered in slapi-nis in versions prior to 0.56.7. A NULL pointer dereferencing during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The greatest threat from this vulnerability is to system availability...

Astra Linux - уязвимость в 389-ds-base

A flaw was discovered in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then any password will successfully match during authentication, instead of being inactive. This flaw allows an attacker to successfully authenticate as a user whose password h...

Astra Linux - уязвимость в 389-ds-base

A flaw was discovered in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can access a NULL pointer dereferencing using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is associated with an incomple...

Astra Linux - уязвимость в 389-ds-base

The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying userPassword using malformed input...