April 11, 2025—KB5058920 (OS Build 20348.3561) Out-of-band

April 11, 2025—KB5058920 OS Build 20348.3561 Out-of-band For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows Server 2022, see its update history page.Be sure to follow @WindowsUpdate to find out when n...

openSUSE Security Advisory (openSUSE-SU-2024:0300-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-24529

An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab...

CVE-2025-21660

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix unexpectedly changed path in ksmbdvfskernpathlocked When ksmbdvfskernpathlocked met an error and it is not the last entry, it will exit without restoring changed path buffer. But later this buffer may be used as the...

CVE-2024-57894

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-57892

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to dangling pointer dqipriv When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses a syscall to quotagetnextquota. Specifically, sbdqinfosb,...

CVE-2025-21364

creationtimestamp| type| source ---|---|--- 2025-01-14 17:29:48+00:00| seen| https://www.thezdi.com/blog/2025/1/14/the-january-2025-security-update-review 2025-01-14 18:23:05+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpuniot7o2e 2025-01-14 19:51:53+00:00| seen|...

CVE-2024-57640

An issue in the dcaddint component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

CVE-2024-57644

An issue in the itchashcompare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

PT-2025-1124 · Ivanti · Ivanti Epm

Name of the Vulnerable Software and Affected Versions: Ivanti EPM versions prior to 2024 January-2025 Security Update Ivanti EPM versions prior to 2022 SU6 January-2025 Security Update Description: The issue is related to an out-of-bounds read in Ivanti EPM, which allows a local authenticated...

PT-2025-1135

Name of the Vulnerable Software and Affected Versions Ivanti EPM versions before 2024 January-2025 Security Update Ivanti EPM versions before 2022 SU6 January-2025 Security Update Description The issue is related to absolute path traversal in Ivanti EPM, allowing a remote unauthenticated attacker...

PT-2025-1134

Name of the Vulnerable Software and Affected Versions Ivanti EPM versions before 2024 January-2025 Security Update Ivanti EPM versions before 2022 SU6 January-2025 Security Update Description The issue is related to an absolute path traversal in Ivanti EPM, which can be exploited by a remote...

PT-2025-1126 · Ivanti · Ivanti Epm

Name of the Vulnerable Software and Affected Versions: Ivanti EPM versions prior to 2024 January-2025 Security Update Ivanti EPM versions prior to 2022 SU6 January-2025 Security Update Description: The issue is related to improper signature verification in Ivanti EPM, which can allow a remote...

CVE-2024-57875

In the Linux kernel, the following vulnerability has been resolved: block: RCU protect disk-convzonesbitmap Ensure that a disk revalidation changing the conventional zones bitmap of a disk does not cause invalid memory references when using the diskzoneisconv helper by RCU protecting the...

CVE-2024-56830

The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand if no strong randomization module is present...

CVE-2024-56727

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2mboxgetrsp errors in otx2flows.c Adding error pointer check after calling otx2mboxgetrsp...

CVE-2024-56702

In the Linux kernel, the following vulnerability has been resolved: bpf: Mark rawtp arguments with PTRMAYBENULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain cases, a raw tracepoint argument may end up being...

CVE-2024-56586

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix f2fsbugon when uninstalling filesystem call f2fsevictinode. creating a large files during checkpoint disable until it runs out of space and then delete it, then remount to enable checkpoint again, and then unmount the...

CVE-2024-53213

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xxprobe, the buffer buf was being freed twice: once implicitly through usbfreeurbdev-urbintr with the URBFREEBUFFER flag and again explicitly by...

CVE-2024-53234

In the Linux kernel, the following vulnerability has been resolved: erofs: handle NONHEAD !delta1 lclusters gracefully syzbot reported a WARNING in iomapiterdone: iomapfiemap+0x73b/0x9b0 fs/iomap/fiemap.c:80 ioctlfiemap fs/ioctl.c:220 inline Generally, NONHEAD lclusters won't have delta1==0, exce...