Lucene search
K

130 matches found

OSV
OSV
added 2026/06/22 3:34 p.m.6 views

SUSE-SU-2026:2493-1 Security update for containerized-data-importer

This update for containerized-data-importer fixes the following issues: - Security: re-vendor Go dependencies to address CVEs tracked against containerized-data-importer backport of upstream PR 4110, post-v1.65.0. Fixed by this update: google.golang.org/grpc 1.65.0 - 1.79.3: bsc1260295...

9.1CVSS6.9AI score0.91969EPSS
Exploits7References20
OSV
OSV
added 2026/06/19 11:3 a.m.5 views

SUSE-SU-2026:2468-1 Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues Update to version 3.3.4624.0: - CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239342. - CVE-2025-22870: golang.org/x/net/proxy: proxy bypass using IPv6 zone IDs bsc1238702. ...

10CVSS7.2AI score0.00868EPSS
Exploits3References31
OSV
OSV
added 2026/06/03 2:18 p.m.6 views

SUSE-SU-2026:2254-1 Security update 5.0.8 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Security Fixes: - CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter bsc1248707 golang-github-prometheus-nodeexporter was updated from version 1.5.0 to 1.10.2: - Security Fixes: - Version...

7.5CVSS5.8AI score0.91969EPSS
Exploits3References14
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/04 10:31 a.m.14 views

Security Bulletin: IBM Event Streams is vulnerable to proxy bypass

Summary IBM Event Streams is vulnerable to proxy bypass due to improper handling of IPv6 zoneID CVE-2025-22870 Vulnerability Details CVEID:CVE-2025-22870 DESCRIPTION: Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPRO...

4.4CVSS6AI score0.00384EPSS
Exploits2Affected Software1
OSV
OSV
added 2026/02/20 2:27 p.m.4 views

SUSE-SU-2026:0592-1 Security update for vexctl

This update for vexctl fixes the following issues: - Update to version 0.4.1+git78.f951e3a: - CVE-2025-22868: Unexpected memory consumption during token parsing in golang.org/x/oauth2. bsc1239186 - CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in...

9.1CVSS8.6AI score0.03153EPSS
Exploits5References19
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.4 views

SUSE SLES15: apptainer / apptainer-leap / apptainer-sle15_6 / apptainer-sle15_7 / etc (SUSE-SU-2026:0439-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0439-1 advisory. Security fixes: - CVE-2024-45310: Fixed runc being tricked into creating empty files/directories on host bsc1257432 -...

8.7CVSS6.8AI score0.00868EPSS
Exploits3References30
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/23 1:26 p.m.8 views

Security Bulletin: Vulnerability in golang.org/x/net affect IBM® Db2® Big SQL on IBM Cloud Pak for Data.

Summary Vulnerability in golang.org/x/net affect IBM® Db2® Big SQL 7.8 on IBM Cloud Pak for Data 5.1 and earlier. Vulnerability Details CVEID:CVE-2025-22870 DESCRIPTION: Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the...

4.4CVSS5.8AI score0.00384EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/31 6:27 p.m.6 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a misinterpretation of Input in golang.org/x/net/proxy [CVE-2025-22870]

Summary IBM Watson Speech Services Cartridge is vulnerable to a misinterpretation of Input in golang.org/x/net/proxy, due to matching of hosts against proxy patterns which can improperly treat an IPv6 zone ID as a hostname component CVE-2025-22870. Golang is used in our speech utilities. This...

4.4CVSS6.5AI score0.00384EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/10/29 12:0 a.m.5 views

Fedora 41 : git-lfs (2025-5872b9ec46)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-5872b9ec46 advisory. Update to latest version 2404637 Fix CVE-2025-22870, CVE-2025-47910, CVE-2025-47906, CVE-2025-26625 Tenable has extracted the preceding description...

8.6CVSS7.3AI score0.00707EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.1 views

Fedora: Security Advisory (FEDORA-2025-3d0ada20e1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS6.8AI score0.00868EPSS
Exploits2References10
OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.4 views

Fedora: Security Advisory (FEDORA-2025-3afa669ec0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.00804EPSS
Exploits2References13
OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-a6574c5095)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.8AI score0.00856EPSS
Exploits2References10
OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-4af86bb0f8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.8AI score0.00856EPSS
Exploits2References10
OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-90442d9001)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.00868EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2025-9b9074cb93)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS6.8AI score0.00384EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.5 views

Fedora: Security Advisory (FEDORA-2025-59acaa6bd9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS6.8AI score0.00384EPSS
Exploits2References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/20 11:21 a.m.4 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in golang.org/x/net-v0.25.0

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of golang.org/x/net-v0.25.0 Vulnerability Details CVEID:CVE-2024-45338 DESCRIPTION: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely...

5.3CVSS6.5AI score0.00856EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/17 12:0 a.m.5 views

Fedora 41 : apptainer (2025-5b1e8725d7)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-5b1e8725d7 advisory. Update to upstream 1.4.2, fix CVE-2025-22870 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...

4.4CVSS7AI score0.00384EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/06 1:40 p.m.14 views

Security Bulletin: Multiple security vulnerabilities in Go affects IBM Robotic Process Automation for Cloud Pak

Summary Multiple security vulnerabilities in Go affects IBM Robotic Process Automation for Cloud Pak. Go is used by IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes required to resolve the vulnerabilities. Vulnerability Details...

7.5CVSS7.3AI score0.00868EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2025/08/04 12:0 a.m.4 views

Fedora: Security Advisory (FEDORA-2025-19c41f754c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS7.3AI score0.00384EPSS
Exploits2References5
Rows per page
Query Builder