osbuild-composer security update
101.4-2.0.1 - Support using repository definitions with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size to 1GB Orabug: 36827079 - support for building OL8/9 images on Oracle Linu...
EUVD-2020-30868
Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. Attackers can exploit the misconfigured service binary path to inject malicious executables with elevated LocalSystem privileges during syste...
com.foxinmy:easemob4j (>=1.1.0 <=1.1.3), com.foxinmy:umeng4j (>=1.1.0 <=1.1.3) +13 more potentially affected by CVE-2026-24819 via com.foxinmy:weixin4j-base (>=1.0 <=1.9.1)
com.foxinmy:weixin4j-base MAVEN version =1.0, =1.1.0, =1.1.0, =1.9.0, =1.4, =1.0, =1.9.0, =1.4, =1.0, =1.8.0, =1.0.9-RELEASE, =0.0.2, =0.0.3 - org.oxerr:spring-security-wechat-samples-helloworld =0.0.1 Source cves: CVE-2026-24819 Source advisory: SNYK:JAVA-COMFOXINMY-15128702...
This Week in Spring - January 27th, 2026
Hi, Spring fans! Welcome to another installment of This Week in Spring! As I write this, I cannot believe we're nearly at the end of the month! Time sure flies. Spring AI 2.0.0-M2 is available now Spring Modulith 2.1 M1, 2.0.2, and 1.4.7 released In last week's installment of A Bootiful Podcast,...
Security Bulletin: This Power System update is being released to address CVE-2025-52497
Summary When Linux Secure Boot is enabled, a malformed public key certificate in the grubdb or grubdbx can cause a DoS blocking Linux partition boot or make a limited amount of partition memory available. Vulnerability Details CVEID:CVE-2025-52497 DESCRIPTION: Mbed TLS before 3.6.4 has a PEM...
Security Bulletin: This Power System update is being released to address CVE-2025-49087
Summary Mbed-TLS is used by partition firmware for Linux secure boot. This update is being released to mitigate any potential impacts to Linux partitions with secure boot enabled. Vulnerability Details CVEID:CVE-2025-49087 DESCRIPTION: In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing...
This Week in Spring - January 26th, 2026
Hi, Spring fans! Welcome to another installment of This Week in Spring! As I write this, I cannot believe we're nearly at the end of the month! Time sure flies. Spring AI 2.0.0-M2 is available now Spring Modulith 2.1 M1, 2.0.2, and 1.4.7 released In last week's installment of A Bootiful Podcast,...
January 24, 2026—KB5078131 (OS Build 17763.8281) Out-of-band
January 24, 2026—KB5078131 OS Build 17763.8281 Out-of-band Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business device...
January 24, 2026—KB5078129 (OS Builds 19045.6812 and 19044.6812) Out-of-band
January 24, 2026—KB5078129 OS Builds 19045.6812 and 19044.6812 Out-of-band Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed...
xss-protector
Lucy XSS Filter for Spring Boot Using the Naver Lucy XSS Filter, a powerful...
Exploit for Out-of-bounds Read in Libpng
Spring Boot Minimal Images PoC Dummy Spring Boot application...
Azure Linux 3.0 Security Update: kernel (CVE-2024-36926)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36926 advisory. - In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics durin...
Azure Linux 3.0 Security Update: kernel (CVE-2024-46706)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46706 advisory. - In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsl_lpuart: mark last busy...
Azure Linux 3.0 Security Update: kernel (CVE-2025-22009)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22009 advisory. - In the Linux kernel, the following vulnerability has been resolved: regulator: dummy: force synchronous...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38354)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38354 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/msm/gpu: Fix crash when throttling G...
Azure Linux 3.0 Security Update: kernel (CVE-2024-36925)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36925 advisory. - In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool...
Linux Distros Unpatched Vulnerability : CVE-2026-21265
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affecte...
MiracleLinux 7 : grub2-2.02-0.87.14.0.1.el7.AXS7 (AXSA:2024-7721:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7721:02 advisory. grub2: Buffer overflow in grub_font_construct_glyph can lead to out-of-bound write and possible secure boot bypass CVE-2022-2601 Tenable has extracted the...
MiracleLinux 8 : fwupd-1.5.9-1.el8.ML.1 (AXSA:2022-2904:01)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2904:01 advisory. grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled CVE-2020-14372 grub2: Use-after-free in rmmod...
MiracleLinux 9 : grub2-2.06-46.el9.3.ML.1 (AXSA:2023-5114:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5114:03 advisory. grub2: Buffer overflow in grub_font_construct_glyph can lead to out-of-bound write and possible secure boot bypass CVE-2022-2601 grub2: Heap based...