Lucene search

2348 matches found

Positive Technologies
added 2025/01/01 12:0 a.m. · 3 views

PT-2025-34624 · Libbiosig +1 · Libbiosig +1

Name of the Vulnerable Software and Affected Versions: libbiosig versions 3.9.0 and Master Branch 35a819fa Description: An integer overflow vulnerability exists in the GDF parsing functionality. A specially crafted GDF file can lead to arbitrary code execution. An attacker can provide a malicious...

9.8 CVSS · 7 AI score · 0.00634 EPSS
Exploits: 1 · References: 11
Positive Technologies
added 2024/12/31 12:0 a.m. · 3 views

PT-2025-3659 · Linux +3 · Linux Kernel +3

The Linux kernel has resolved a NULL Pointer Dereference issue in its fgraph component. The problem occurred in the ftrace return to handler function, where a loop iterates over fgraph array elements. If the compiler reloads fgraph array after checking for a fgraph stub, it may conflict with an...

8.1 CVSS · 7.5 AI score · 0.00737 EPSS
Exploits: 3 · References: 888
OSV
added 2024/12/16 5:15 a.m. · 3 views

UBUNTU-CVE-2024-8116

An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. By using a specific GraphQL query, under specific conditions an unauthorized user can retrieve branch names...

5.3 CVSS · 5.7 AI score · 0.00403 EPSS
Exploits: 1 · References: 4
CNNVD
added 2024/12/12 12:0 a.m. · 4 views

GitLab Log Information Disclosure Vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. GitLab suffers from a log information disclosure vulnerability that stems from...

4 CVSS · 6.3 AI score · 0.00212 EPSS
Exploits: 0 · References: 1
OSSF Malicious Packages
added 2024/12/01 4:45 p.m. · 3 views

Malicious code in spinal-env-viewer-graph-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15cfd840bc992aaee2f17022820c0f005a0e47a499c6939bc0ee0c5635cd47fe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8 AI score
Exploits: 0 · References: 1
OSSF Malicious Packages
added 2024/11/23 1:54 a.m. · 2 views

Malicious code in graph-studio-billing-contracts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware afd4325b249b7dfad124c21ffe39f85d2e38f1b6c2d31361f81e821adb8365ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0 · References: 1
CNVD
added 2024/11/21 12:0 a.m. · 8 views

Nextcloud Resource Management Error Vulnerability

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from a resource management error vulnerability that stems from the fact that due to a pre-sent HEAD request, the link reference provider...

6.5 CVSS · 6.6 AI score · 0.00779 EPSS
Exploits: 0 · References: 1
OSV
added 2024/11/19 9:15 p.m. · 2 views

UBUNTU-CVE-2024-52763

A cross-site scripting XSS vulnerability in the component /graphallperiods.php of Ganglia-web v3.73 to v3.75 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "g" parameter...

5.4 CVSS · 5.9 AI score · 0.00628 EPSS
Exploits: 1 · References: 3
Positive Technologies
added 2024/11/19 12:0 a.m. · 4 views

PT-2024-35428 · Unknown +1 · Ganglia-Web +1

Name of the Vulnerable Software and Affected Versions: Ganglia-web versions 3.73 through 3.75 Description: A cross-site scripting XSS issue exists in the /graph all periods.php component, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the g...

5.4 CVSS · 6 AI score · 0.00628 EPSS
Exploits: 1 · References: 13
Tenable Nessus
added 2024/11/15 12:0 a.m. · 12 views

SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2024:3987-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3987-1 advisory. Update to version jdk8u432 icedtea-3.33.0: - CVE-2024-21208: Enhance HTTP client bsc1231702. - CVE-2024-21210: Improve handling of vectorizatio...

4.8 CVSS · 6.8 AI score · 0.01157 EPSS
Exploits: 0 · References: 16
CNNVD
added 2024/11/15 12:0 a.m. · 3 views

Nextcloud Resource Management Error Vulnerability

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from a resource management error vulnerability that stems from the fact that due to a pre-sent HEAD request, the link reference provider...

6.5 CVSS · 6.8 AI score · 0.00779 EPSS
Exploits: 0 · References: 3
SUSE Linux
added 2024/11/13 2:56 p.m. · 2 views

Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u432 icedtea-3.33.0: CVE-2024-21208: Enhance HTTP client bsc1231702. CVE-2024-21210: Improve handling of vectorization bsc1231711. CVE-2024-21217: Improve deserialization support bsc1231716. CVE-2024-21235: Improve...

6.3 CVSS · 7.3 AI score · 0.01157 EPSS
Exploits: 0 · References: 20
OSV
added 2024/11/12 12:0 a.m. · 16 views

ALSA-2024:9473 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 dompurify:...

10 CVSS · 8.3 AI score · 0.01127 EPSS
Exploits: 2 · References: 6
Tenable Nessus
added 2024/11/12 12:0 a.m. · 18 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-17-openjdk (SUSE-SU-2024:3963-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3963-1 advisory. - Update to upstream tag jdk-17.0.13+11 October 2024 CPU Security fixes + JDK-8307383: Enhance...

4.8 CVSS · 6.8 AI score · 0.01157 EPSS
Exploits: 0 · References: 13
OpenVAS
added 2024/11/11 12:0 a.m. · 23 views

SUSE: Security Advisory (SUSE-SU-2024:3963-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.8 CVSS · 6.8 AI score · 0.01157 EPSS
Exploits: 0 · References: 7
OpenVAS
added 2024/11/11 12:0 a.m. · 27 views

openSUSE Security Advisory (SUSE-SU-2024:3963-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.8 CVSS · 6.8 AI score · 0.01157 EPSS
Exploits: 0 · References: 7
OSV
added 2024/11/09 4:39 p.m. · 23 views

SUSE-SU-2024:3963-1 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: - Update to upstream tag jdk-17.0.13+11 October 2024 CPU Security fixes + JDK-8307383: Enhance DTLS connections + JDK-8290367, JDK-8332643: Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system...

4.8 CVSS · 6 AI score · 0.01157 EPSS
Exploits: 0 · References: 9
Tenable Nessus
added 2024/11/09 12:0 a.m. · 17 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-21-openjdk (SUSE-SU-2024:3954-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3954-1 advisory. - Update to upstream tag jdk-21.0.5+13 October 2024 CPU Security fixes + JDK-8307383: Enhance DT...

4.8 CVSS · 6.8 AI score · 0.01157 EPSS
Exploits: 0 · References: 13
OSV
added 2024/11/08 3:57 p.m. · 15 views

RLSA-2024:8678 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 dompurify: nesting-based mutation XSS vulnerability CVE-2024-47875 For more details about the security issues, includi...

10 CVSS · 8.3 AI score · 0.01093 EPSS
Exploits: 2 · References: 3
SUSE Linux
added 2024/11/08 1:10 p.m. · 5 views

Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.5+13 October 2024 CPU Security fixes JDK-8307383: Enhance DTLS connections JDK-8311208: Improve CDS Support JDK-8328286, CVE-2024-21208, bsc1231702: Enhance HTTP client JDK-8328544, CVE-2024-21210,...

6.3 CVSS · 7.3 AI score · 0.01157 EPSS
Exploits: 0 · References: 16