EUVD-2025-199017

pypdf's LZWDecode streams be manipulated to exhaust RAM...

Exploit for Use of Uninitialized Resource in Microsoft

Proof-of-Concept exploit for the Untrusted Pointer Dereferenc...

CVE-2025-40210 Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

TencentOS Server 3: container-tools (TSSA-2023:0111)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0111 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Astro's middleware authentication checks based on url.pathname can be bypassed via url encoded values

A mismatch exists between how Astro normalizes request paths for routing/rendering and how the application’s middleware reads the path for validation checks. Astro internally applies decodeURI to determine which route to render, while the middleware uses context.url.pathname without applying the...

GHSA-GGXQ-HP9W-J794 Astro's middleware authentication checks based on url.pathname can be bypassed via url encoded values

A mismatch exists between how Astro normalizes request paths for routing/rendering and how the application’s middleware reads the path for validation checks. Astro internally applies decodeURI to determine which route to render, while the middleware uses context.url.pathname without applying the...

PT-2025-47489

Name of the Vulnerable Software and Affected Versions Astro versions prior to 5.15.8 Description Astro versions prior to 5.15.8 contain a path normalization discrepancy between how the framework routes requests and how middleware validates them. Astro uses decodeURI to determine the route, while...

CLSA-2025-1763418416 gnutls: Fix of CVE-2024-12243

CVE-2024-12243: fix inefficient algorithm in libtasn1 for decoding certain DER-encoded certificate data to prevent denial-of-service condition...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990777)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990777 advisory. In the Linux kernel, the following vulnerability has been resolved: ceph: avoid putting the realm twice when decoding snaps fails When decoding the snaps fails it...

Advisory ROSA-SA-2025-3072

Software: libwebp 1.0.0 OS: ROSA Virtualization 3.0 unaffected versions = libwebp-1.0.0.0-10.0.1.rv30 affected versions libwebp-1.0.0.0-10.0.1.rv30 CVE-ID: CVE-2020-36332 BDU-ID: CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libwebp library for WebP image encoding and decoding is associated...

Advisory ROSA-SA-2025-3064

Software: libwebp 1.0.0 OS: ROSA Virtualization 2.1 unaffected versions = libwebp-1.0.0.0-10.0.1.rv3 affected versions libwebp-1.0.0.0-10.0.1.rv3 CVE-ID: CVE-2023-4863 BDU-ID: TO600, TO601, TO675, TO797, TO826 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the libwebp library for WebP image...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990508)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990508 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is = U32MAX - 3 then the length + 4...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989861)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989861 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is = U32MAX - 3 then the length + 4...

SUSE CVE-2025-40038

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM must decode and emulate...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : mozilla-nss (SUSE-SU-2025:3804-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3804-1 advisory. - Move NSS DB password hash away from SHA-1 Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding...

SUSE-SU-2025:3804-1 Security update for mozilla-nss

This update for mozilla-nss fixes the following issues: - Move NSS DB password hash away from SHA-1 Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding. SECASN1Decode should ensure it has read as many bytes as each length field indicates Update to NSS 3.112.1: restore support for finding...

SUSE SLES12 Security Update : mozilla-nss (SUSE-SU-2025:3759-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:3759-1 advisory. - Move NSS DB password hash away from SHA-1 Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding. SECASN1Decode should ensure it has read as man...

SUSE SLES15 Security Update : mozilla-nss (SUSE-SU-2025:3760-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3760-1 advisory. - Move NSS DB password hash away from SHA-1. Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding. SECASN1Decode should ensure it has...

SUSE-SU-2025:3760-1 Security update for mozilla-nss

This update for mozilla-nss fixes the following issues: - Move NSS DB password hash away from SHA-1. Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding. SECASN1Decode should ensure it has read as many bytes as each length field indicates Update to NSS 3.112.1: restore support for finding...

Security update for mozilla-nss

This update for mozilla-nss fixes the following issues: Move NSS DB password hash away from SHA-1 Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding. SECASN1Decode should ensure it has read as many bytes as each length field indicates Update to NSS 3.112.1: restore support for finding...