OPENSUSE-SU-2024:10566-1 libidn-devel-1.33-2.3 on GA media

These are all security issues fixed in the libidn-devel-1.33-2.3 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11039-1 libmariadb-devel-3.2.3-2.2 on GA media

These are all security issues fixed in the libmariadb-devel-3.2.3-2.2 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13723-1 giflib-devel-32bit-5.2.2-1.1 on GA media

These are all security issues fixed in the giflib-devel-32bit-5.2.2-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10929-1 libcomps-devel-0.1.17-1.2 on GA media

These are all security issues fixed in the libcomps-devel-0.1.17-1.2 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13286-1 assimp-devel-5.3.1-1.1 on GA media

These are all security issues fixed in the assimp-devel-5.3.1-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11857-1 kernel-devel-5.16.10-1.1 on GA media

These are all security issues fixed in the kernel-devel-5.16.10-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11004-1 libtpms-devel-0.8.4-2.2 on GA media

These are all security issues fixed in the libtpms-devel-0.8.4-2.2 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10496-1 libneon-devel-0.30.1-1.11 on GA media

These are all security issues fixed in the libneon-devel-0.30.1-1.11 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12779-1 kernel-devel-6.2.4-1.1 on GA media

These are all security issues fixed in the kernel-devel-6.2.4-1.1 package on the GA media of openSUSE Tumbleweed...

libxml2 security update

An update is available for libxml2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...

CVE-2024-31217 @strapi/plugin-upload has a Denial-of-Service via Improper Exception Handling

Strapi is an open-source content management system. Prior to version 4.22.0, a denial-of-service vulnerability is present in the media upload process causing the server to crash without restarting, affecting either development and production environments. Usually, errors in the application cause ...

VSCode ipynb Remote Development RCE

VSCode when opening an Jupyter notebook .ipynb file bypasses the trust model. On versions v1.4.0 - v1.71.1, its possible for the Jupyter notebook to embed HTML and javascript, which can then open new terminal windows within VSCode. Each of these new windows can then execute arbitrary code at...

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in Azure products. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to grant themselves elevated privileges and potentially perform actions with administrator privileges. The most serious vulnerability has been assigned...

PT-2025-7921 · Zoom · Zoom Sdks +1

Name of the Vulnerable Software and Affected Versions: Zoom Workplace Apps and SDKs affected versions not specified Description: A use after free issue may allow an authenticated user to conduct a denial of service via network access. Recommendations: At the moment, there is no information about ...

ZendFramework Potential Cross-site Scripting in Development Environment Error View Script

The default error handling view script generated using ZendTool failed to escape request parameters when run in the "development" configuration environment, providing a potential XSS attack vector. ZendToolProjectContextZfViewScriptFile was patched such that the view script template now calls the...

Fedora: Security Advisory for qt5-qtbase (FEDORA-2024-2e27372d4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Tinyproxy <= 1.11.1 UAF Vulnerability

Tinyproxy is prone to an use-after-free UAF vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:banu:tinyproxy"; if...

Securing AI Development in the Cloud: Navigating the Risks and Opportunities

AI-TRiSM - Trust, Risk and Security Management in the Age of AI Co-authored by Lara Sunday and Pojan Shahrivar As artificial intelligence AI and machine learning ML technologies continue to advance and proliferate, organizations across industries are investing heavily in these transformative...

[SECURITY] Fedora 40 Update: qt5-qtbase-5.15.14-1.fc40

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...

CVE-2023-5751 CODESYS: Development system prone to DoS through exposure of resource to wrong sphere

A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of resource to wrong sphere...