SUSE-SU-2026:20085-1 Security update for bind

This update for bind fixes the following issues: - Upgrade to release 9.20.15 Security Fixes: CVE-2025-40778: Fixed cache poisoning attacks with unsolicited RRs bsc1252379 CVE-2025-40780: Fixed cache poisoning due to weak PRNG bsc1252380 CVE-2025-8677: Fixed resource exhaustion via malformed DNSK...

SUSE CVE-2025-8283

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...

CVE-2025-8283

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...

CVE-2025-8283

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...

Red Hat Enterprise Linux 安全漏洞

Red Hat Enterprise Linux is a Linux operating system for business users from the American company Red Hat. A security vulnerability exists in Red Hat Enterprise Linux that stems from a DNS search domain removal that could cause connections to be forwarded to an unexpected external server...

CVE-2018-20864

cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain SEC-454...

The vulnerability of the scmi_perf_domain_remove() function in the drivers/pmdomain/arm/scmi_perf_domain.c driver of the System Control and Management Interface (SCMI) kernel of the Linux operating system allows a malicious actor to cause a service failure.

The vulnerability of the scmiperfdomainremove function in the drivers/pmdomain/arm/scmiperfdomain.c file of the System Control and Management Interface SCMI driver for the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker ...

kernel: PM: domains: Fix sleep-in-atomic bug caused by genpd_debug_remove()

In the Linux kernel, the following vulnerability has been resolved: PM: domains: Fix sleep-in-atomic bug caused by genpddebugremove When a genpd with GENPDFLAGIRQSAFE gets removed, the following sleep-in-atomic bug will be seen, as genpddebugremove will be called with a spinlock being held...

DEBIAN-CVE-2022-42322

Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...

CVE-2022-42323

Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...

The vulnerability of the server management application CentOS Web Panel arises due to insufficient validation of input data. This allows a hacker to remove a domain from a user’s account.

The vulnerability of the CentOS Web Panel server management application exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to remove a domain from a user’s account remotely...

The vulnerability of the astra-winbind component of the Astra Linux operating system allows a perpetrator to gain access to confidential data and compromise its integrity.

The vulnerability of the astra-winbind component of the Astra Linux operating system is related to incorrect cleaning of PAM records when a node is removed from the domain, as well as the creation of publicly accessible resources during initialization. Exploiting this vulnerability allows an...

CVE-2018-20864

cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain SEC-454...

Design/Logic Flaw

cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain SEC-454...