CVE-2026-1719

The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.5.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...

kernel: Linux kernel: Denial of service and memory corruption in RDMA umad

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...

PT-2026-38522

These are all security issues fixed in the libpcp-devel-6.3.8-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-38521

These are all security issues fixed in the micropython-1.28.0-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10700-1 apptainer-1.4.5-4.1 on GA media

These are all security issues fixed in the apptainer-1.4.5-4.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-38525

These are all security issues fixed in the python311-Django4-4.2.30-2.1 package on the GA media of openSUSE Tumbleweed...

RHEL 7 : firefox (RHSA-2026:13977)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:13977 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...

OPENSUSE-SU-2026:10707-1 postfix-3.11.2-1.1 on GA media

These are all security issues fixed in the postfix-3.11.2-1.1 package on the GA media of openSUSE Tumbleweed...

RHEL 8 : grafana-pcp (RHSA-2026:11514)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:11514 advisory. The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and...

RHCOS 4 : OpenShift Container Platform 4.9.22 (RHSA-2022:0557)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0557 advisory. - golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet CVE-2021-29923 - golang:...

PT-2026-38520

These are all security issues fixed in the kernel-devel-7.0.3-1.1 package on the GA media of openSUSE Tumbleweed...

HCL BigFix RunBookAI 安全漏洞

HCL BigFix RunBookAI is an AI-driven automation platform developed by the American company HCL. HCL BigFix RunBookAI has a security vulnerability, which stems from the continuous presence of insecure input texts. The processing of component inputs poses security risks, increasing the likelihood o...

PT-2026-38523

These are all security issues fixed in the podman-5.8.2-1.1 package on the GA media of openSUSE Tumbleweed...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iris driver skipping the stopstreaming operation under incorrect conditions, resulting in...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the TMU device driver managing power state and clocking within the context of original spinlocks,...

SUSE-SU-2026:21531-1 Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues The following security issues were fixed: - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI bsc1252048. - CVE-2025-71066: net/sched: ets: Always remove class from active list before...

SUSE-SU-2026:1694-1 Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.22 fixes various security issues The following security issues were fixed: - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI bsc1252048. - CVE-2025-71066: net/sched: ets: Always remove class from active list before...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via improper handling of resource path matching and authorization checks. An attacker can gain unauthorized access to protected resources or perform unauthorized actions by crafting requests that exploit...

webkitgtk: Processing maliciously crafted web content may disclose internal states of the app

A flaw was found in WebKitGTK. Processing malicious web content can cause a memory initialization issue due to improper memory handling and result in the disclosure of the internal states of the application...

SUSE-SU-2026:21550-1 Security update for frr

This update for frr fixes the following issues: Security issues: - CVE-2025-61099: NULL Pointer Dereference in FRRouting bsc1252838. - CVE-2025-61100: NULL Pointer Dereference in FRRouting bsc1252829. - CVE-2025-61101: NULL Pointer Dereference in FRRouting bsc1252833. - CVE-2025-61102: NULL Point...