Fedora 42 : php (2026-3a58db70ca)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3a58db70ca advisory. PHP version 8.4.21 07 May 2026 Core: Fixed bug GH-19983 GC assertion failure with fibers, generators and destructors. iliaal Fixed bug GH-21478...

Fedora 44 : php (2026-c66eaae759)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c66eaae759 advisory. PHP version 8.5.6 07 May 2026 Core: Fixed bug GH-19983 GC assertion failure with fibers, generators and destructors. iliaal Fixed ZENDAPI mismatch o...

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to rhino

Summary IBM webMethods BPM uses rhino to embed a JavaScript engine for executing internal scripts related to business logic and configuration. Vulnerability Details CVEID:CVE-2025-66453 DESCRIPTION: Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1,...

Security Bulletin: Due to the use of JetBrains Kotlin, IBM webMethods BPM is vulnerable to the use of Java API for temporary file and folder creation

Summary IBM webMethods BPM uses JetBrains Kotlin which is vulnerable to the use of Java API for temporary file and folder creation. Vulnerability Details CVEID:CVE-2020-29582 DESCRIPTION: In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim bsc1256280. CVE-2025-39880: libceph: fix invalid accesses to cephconnectionv1info bsc1250388. CVE-2025-40238:...

Security Bulletin: IBM webMethods Integration Sever is affected by CVE-2025-14150

Summary IBM webMethods Integration server could disclose sensitive user information in server responses. CVE-2025-14150 Vulnerability Details CVEID:CVE-2025-14150 DESCRIPTION: IBM webMethods Integration could disclose sensitive user information in server responses. CWE:CWE-497: Exposure of...

OPENSUSE-SU-2026:20055-1 Security update for gimp

This update for gimp fixes the following issues: Changes in gimp: Update to 3.0.6: - Security: - During development, we received reports from the Zero Day Initiative of potential security issues with some of our file import plug-ins. While these issues are very unlikely to occur with real files,...

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to Apache Lucene

Summary IBM webMethods BPM uses Apache Lucene in designer-process-feature and metadata-core-feature for text processing and filtering purpose. Vulnerability Details IBM X-Force ID: 216835 DESCRIPTION: Apache Lucene is vulnerable to a denial of service. By sending a specific regular expression...

CVE-2025-36072 IBM webMethods Integration Deserialization

IBM webMethods Integration 10.11 through 10.11CoreFix22, 10.15 through 10.15CoreFix22, and 11.1 through 11.1CoreFix6 IBM webMethods Integration allow an authenticated user to execute arbitrary code on the system, caused by the deserialization of untrusted object graphs data...

Unbreakable Enterprise kernel security update

5.15.0-313.189.5.1 - afunix: Don't leave consecutive consumed OOB skbs. Kuniyuki Iwashima Orabug: 38528187 CVE-2025-38236 - fs: writeback: fix use-after-free in markinodedirty Jiufei Xue Orabug: 38528183 CVE-2025-39866 - rtnetlink: Fix L3 stats disable handling in rtnloffloadxstatsfill Vijayendra...

Security Bulletin: IBM webMethods Integration Sever is affected by vulnerable lucene-suggest-8.9.0.jar

Summary IBM webMethods Integration Sever is affected by vulnerable lucene-suggest-8.9.0.jar. CWE-400 Vulnerability Details IBM X-Force ID: 216835 DESCRIPTION: Apache Lucene is vulnerable to a denial of service. By sending a specific regular expression query, a remote attacker could exploit this...

SUSE-SU-2025:20636-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_6

This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: - CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 - CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 - CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...

Fedora 42 : php (2025-2c344545bf)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-2c344545bf advisory. PHP version 8.4.10 03 Jul 2025 BcMath: Fixed bug GH-18641 Accessing a BcMath\Number property by ref crashes. nielsdos Core: Fixed bugs GH-17711 and...

Security Bulletin: IBM webMethods Integration Sever is affected by privilege escalation vulnerability via pub.scheduler.addOneTimeTask service

Summary IBM webMethods Integration Sever is affected by privilege escalation vulnerability via pub.scheduler.addOneTimeTask service. CVE-2025-36048 Vulnerability Details CVEID:CVE-2025-36048 DESCRIPTION: IBM webMethods Integration could allow a privileged user to escalate their privileges when...

Security Bulletin: IBM webMethods Integration Sever is affected by remote code execution via pub.xslt.transformSerialXML

Summary IBM webMethods Integration Sever is affected by remote code execution via pub.xslt.transformSerialXML. CVE-2025-36049 Vulnerability Details CVEID:CVE-2025-36049 DESCRIPTION: IBM webMethods Integration is vulnerable to an XML external entity injection XXE attack when processing XML data. A...

Fedora 41 : php (2024-3891a08c9e)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3891a08c9e advisory. PHP version 8.3.14 21 Nov 2024 CLI: Fixed bug GH-16373 Shebang is not skipped for router script in cli-server started through shebang. ilutov Fixed...

Fedora 18 : ekiga-4.0.1-1.fc18 / opal-3.10.10-1.fc18 / ptlib-2.10.10-1.fc18 (2013-2998)

New upstream ekiga 4.0.1 release - Core fixes - Fix crash when quitting ekiga while receiving presence information - Fix crash when quitting ekiga right after starting it before STUN ending - Fix crash when disabling an account while icons in roster are changing - Fix crash when receiving call a...