OESA-2025-2523 spdk security update

The Storage Performance Development Kit provides a set of tools and libraries for writing high performance, scalable, user-mode storage applications. Security Fixes: Storage Performance Development Kit SPDK 25.05 is vulnerable to Buffer Overflow in the NVMe-oF target component in SPDK -...

Moderate: Red Hat Security Advisory: OpenJDK 11.0.29 ELS Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

RHEL 10 / 8 / 9 : java-21-openjdk (RHSA-2025:18824)

The remote Redhat Enterprise Linux 10 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18824 advisory. The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security...

RHEL 7 : java-1.8.0-openjdk (RHSA-2025:18814)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18814 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

Moderate: Red Hat Security Advisory: OpenJDK 17.0.17 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

CVE-2025-61755

Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE component: Compiler. Supported versions that are affected are Oracle GraalVM for JDK: 17.0.16 and 21.0.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi...

UBUNTU-CVE-2025-53066

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracle...

EUVD-2025-35254

Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE component: Compiler. Supported versions that are affected are Oracle GraalVM for JDK: 17.0.16 and 21.0.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi...

CVE-2025-53057

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracl...

.NET 8.0 security update

An update is available for dotnet8.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

.NET 9.0 security update

An update is available for dotnet9.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

Oracle Linux 9 : .NET / 8.0 (ELSA-2025-18149)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18149 advisory. 8.0.121-1.0.1 - Add support for Oracle Linux 8.0.121-1 - Update to .NET SDK 8.0.121 and Runtime 8.0.21 - Resolves: RHEL-116866 Tenable has extracted t...

.NET 9.0 security update

9.0.111-1.0.1 - Add support for Oracle Linux 9.0.111-1 - Update to .NET SDK 9.0.111 and Runtime 9.0.10 - Resolves: RHEL-116856...

GHSA-W3Q9-FXM7-J8FQ Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0.xxx, .NET 9.0.xxx and .NET 10.0.xxx. This advisory also provides guidance on what developers c...

Source SDK 安全漏洞

Source SDK is an open source computer game by Valve Software. A security vulnerability exists in Source SDK that stems from a stack-based buffer overflow in the ragdoll model parsing logic, which could lead to remote code execution...

PT-2025-42216

Valve's Source SDK source-sdk-2013's ragdoll model parsing logic contains a stack-based buffer overflow vulnerability.The tokenizer function nexttoken copies characters from an input string into a fixed-size stack buffer without performing bounds checks. When ParseKeyValue processes a collisionpa...

RHEL 8 : .NET 8.0 (RHSA-2025:18148)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18148 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.121 and .NET Runtime...

EUVD-2025-34458

Parse Javascript SDK vulnerable to prototype pollution in Parse.Object and internal APIs...

USN-7816-1 dpdk vulnerability

It was discovered that DPDK incorrectly handled the mlx5 Ethernet poll mode driver. An attacker could possibly use this issue to obtain sensitive information, or cause the network interface to crash, resulting in a denial of service...