3665 matches found

Tenable Nessus
added 2025/04/04 12:0 a.m., 18 views

SUSE SLES15 / openSUSE 15 Security Update : tomcat (SUSE-SU-2025:1126-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1126-1 advisory. - CVE-2025-24813: Fixed potential RCE and/or information disclosure/corruption with partial PUT bsc1239302 - Update t...

CVSS 10, AI score 7.7, EPSS 0.99945
Exploits 58, References 7

OSV
added 2025/04/03 11:51 a.m., 20 views

SUSE-SU-2025:1126-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2025-24813: Fixed potential RCE and/or information disclosure/corruption with partial PUT bsc1239302 - Update to Tomcat 9.0.102 Fixes: + launch with java 17 bsc1239676 Catalina + Fix: Weak etags in the If-Range header should not match as...

CVSS 10, AI score 7.2, EPSS 0.99945
Exploits 58, References 5

CNNVD
added 2025/04/02 12:0 a.m., 5 views

Django Security Vulnerability

Django is a set of open source web application frameworks based on the Python language from the Django Foundation. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django versions 5.1 prior to 5.1.8 and 5.0 prior to 5.0.1...

CVSS 7.5, AI score 5.6, EPSS 0.00928
Exploits 1, References 6

Amazon
added 2025/04/01 12:0 a.m., 2 views

Important: ghostscript

Issue Overview: Potential integer and buffer overflow with DollarBlend during serializing a multiple master font for passing to Freetype. Fixed by changing a variable type from short to unsigned short and checking if a length variable exceeds permitted limit. Fixed in ghostpdl-10.05.0...

CVSS 9.8, AI score 7.9, EPSS 0.00557
Exploits 0

Tenable Nessus
added 2025/03/29 12:0 a.m., 12 views

Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / azcopy / cert-manager / cf-cli / coredns (CVE-2024-51744)

The version of application-gateway-kubernetes-ingress / azcopy / cert-manager / cf-cli / coredns installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-51744 advisory. - golang-jwt is a Go implementation...

CVSS 3.1, AI score 6.9, EPSS 0.00521
Exploits 0, References 2

Vulnrichment
added 2025/03/28 1:21 p.m., 12 views

CVE-2025-0986 IBM PowerVM Hypervisor data manipulation

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor compatibility mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration...

CVSS 4.5, AI score 6.7, EPSS 0.00112
Exploits 0, References 1

Positive Technologies
added 2025/03/28 12:0 a.m., 5 views

PT-2025-13521 · Ibm · Ibm Powervm Hypervisor

Name of the Vulnerable Software and Affected Versions: IBM PowerVM Hypervisor versions FW1050.00 through FW1050.30 IBM PowerVM Hypervisor versions FW1060.00 through FW1060.20 Description: The issue allows a local user, under certain Linux processor compatibility mode configurations, to cause...

CVSS 4.5, AI score 6.9, EPSS 0.00112
Exploits 0, References 4

CNNVD
added 2025/03/28 12:0 a.m., 2 views

IBM PowerVM Hypervisor Security Vulnerability

IBM PowerVM Hypervisor is an application from International Business Machines IBM, Inc. Providing a secure and scalable virtualized environment, these applications are built on the advanced RAS features and leading performance of the Power Systems platform. A security vulnerability exists in IBM...

CVSS 4.5, AI score 6.3, EPSS 0.00112
Exploits 0, References 4

Citrix
added 2025/03/28 12:0 a.m., 10 views

Citrix : ADC: Netscaler VPX vs ESXi compatibility version

Netscaler VPX on ESXi got rebooted automatically...

AI score 7.2
Exploits 0

Github Security Blog
added 2025/03/27 6:1 p.m., 19 views

Pitchfork HTTP Request/Response Splitting vulnerability

Impact: HTTP Response Header Injection in Pitchfork Versions 0.11.0 when used in conjunction with Rack 3. Patches: The issue was fixed in Pitchfork release 0.11.0. Workarounds: There are no known workarounds. Users must upgrade...

CVSS 4.3, AI score 7.2, EPSS 0.0025
Exploits 0, References 5, Affected Software 1

OSV
added 2025/03/27 3:15 p.m., 3 views

UBUNTU-CVE-2025-21889

In the Linux kernel, the following vulnerability has been resolved: perf/core: Add RCU read lock protection to perf_iterate_ctx(). The perf_iterate_ctx() function performs RCU list traversal but currently lacks RCU read lock protection. This causes lockdep warnings when running perf probe with unshare(1)...

CVSS 5.5, AI score 6.5, EPSS 0.00165
Exploits 0, References 24

Tenable Nessus
added 2025/03/27 12:0 a.m., 20 views

SUSE SLES15 / openSUSE 15 Security Update : tomcat10 (SUSE-SU-2025:1024-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1024-1 advisory. - CVE-2025-24813: Fixed potential RCE and/or information disclosure/corruption with partial PUT bsc1239302 Other fixe...

CVSS 10, AI score 7.8, EPSS 0.99945
Exploits 58, References 7

OSV
added 2025/03/26 11:29 a.m., 10 views

SUSE-SU-2025:1024-1 Security update for tomcat10

This update for tomcat10 fixes the following issues: - CVE-2025-24813: Fixed potential RCE and/or information disclosure/corruption with partial PUT bsc1239302 Other fixes: - Update to Tomcat 10.1.39 Fixes: + launch with java 17 bsc1239676 Catalina + Fix: 69602: Fix regression in releases from...

CVSS 10, AI score 9.8, EPSS 0.99945
Exploits 58, References 5

Fedora
added 2025/03/22 2:26 a.m., 12 views

[SECURITY] Fedora 40 Update: kitty-0.40.0-2.fc40

Offloads rendering to the GPU for lower system load and buttery smooth scrolling. Uses threaded rendering to minimize input latency. - Supports all modern terminal features: graphics images, unicode, true-color, OpenType ligatures, mouse protocol, focus tracking, bracketed paste and several new...

CVSS 4.4, AI score 7, EPSS 0.00384
Exploits 2

Rockylinux
added 2025/03/17 8:16 p.m., 7 views

compat-sap-c++-13 enhancement update

An update is available for compat-sap-c++-13. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The compat-sap-c++-13 package provides runtime compatibility...

AI score 7.2
Exploits 0

Vulnrichment
added 2025/03/15 8:50 a.m., 1 views

CVE-2025-1057 Keylime: keylime registrar dos due to incompatible database entry handling

A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas...

CVSS 4.3, AI score 4.5, EPSS 0.00299
Exploits 0, References 2

Cvelist
added 2025/03/15 8:50 a.m., 16 views

CVE-2025-1057 Keylime: keylime registrar dos due to incompatible database entry handling

A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas...

CVSS 4.3, EPSS 0.00299
Exploits 0, References 4

BDU FSTEC
added 2025/03/14 12:0 a.m., 4 views

Vulnerability in the kernel of the Windows Subsystem for Linux (WSL2), the compatibility subsystem for running Linux applications on Windows operating systems, allowing an attacker to execute arbitrary code

The vulnerability in the kernel of the compatibility subsystem for running Linux applications, namely Windows Subsystem for Linux WSL2 on Windows operating systems, involves a pointer manipulation issue. Exploiting this vulnerability allows an attacker to execute arbitrary code...

CVSS 8.4, AI score 7.9, EPSS 0.00653
Exploits 0, References 2

Tenable Nessus
added 2025/03/14 12:0 a.m., 5 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : build (SUSE-SU-2025:0857-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0857-1 advisory. - CVE-2024-22038: Fixed DoS attacks, information leaks with crafted Git repositories bnc1230469 Other...

CVSS 7.3, AI score 5.6, EPSS 0.00209
Exploits 0, References 5

OSV
added 2025/03/13 5:58 p.m., 4 views

SUSE-SU-2025:0857-1 Security update for build

This update for build fixes the following issues: - CVE-2024-22038: Fixed DoS attacks, information leaks with crafted Git repositories bnc1230469 Other fixes: - Fixed behaviour when using '--shell' aka 'osc shell' option in a VM build. Startup is faster and permissions stay intact now. - fixes fo...

CVSS 7.3, AI score 6.6, EPSS 0.00209
Exploits 0, References 4