Exploit for CVE-2025-39946
README: This is an exploit for CVE-2025-39946. It...
PT-2025-38151
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.527 and earlier; Jenkins LTS versions 2.516.2 and earlier. Description: Jenkins does not perform a permission check in the sidepanel of a page accessible to users lacking Overall/Read permission. This allows attackers without...
CVE-2025-9139
A vulnerability was determined in Scada-LTS 2.7.8.1. Affected by this vulnerability is an unknown functionality of the file /Scada-LTS/dwr/call/plaincall/WatchListDwr.init.dwr. Executing manipulation can lead to information disclosure. The attack may be performed from a remote location. The explo...
Unbreakable Enterprise kernel security update
6.12.0-100.28.2 - sched/eevdf: Fix se-slice being set to U64MAX and resulting crash Omar Sandoval - certs: Add new Oracle Linux Driver Signing key 1 certificate Sherry Yang Orabug: 37967533 - Revert 'block: sysfs option to change ioticks granularity' Gulam Mohamed Orabug: 37921776 - RDS: use...
Unbreakable Enterprise kernel security update
5.15.0-210.163.7 - crypto: qat - specify firmware files for 402xx Giovanni Cabiddu Orabug: 37030280 5.15.0-210.163.6 - Revert 'Fix userfaultfdapi to return EINVAL as expected' Vijayendra Suman Orabug: 37004422 5.15.0-210.163.5 - Revert 'bpf: Allow reads from uninit stack' Vijayendra Suman Orabug:...
Unbreakable Enterprise kernel security update
5.15.0-207.156.6 - uek-container: Add advanced routing options Boris Ostrovsky Orabug: 36691279 - slub: use countpartialfreeapprox in slaboutofmemory Jianfeng Wang Orabug: 36655468 - slub: introduce countpartialfreeapprox Jianfeng Wang Orabug: 36655468 - Revert 'lockd: introduce safe async lock o...
Unbreakable Enterprise kernel security update
4.14.35-2047.535.2.1 - netfilter: nftables: reject QUEUE/DROP verdict parameters Florian Westphal Orabug: 36467681 CVE-2024-1086 4.14.35-2047.535.2 - Fix null ptr in rdstcprecvpath Allison Henderson Orabug: 33499812 - LTS version: v4.14.338 Saeed Mirzamohammadi - crypto: scompress - initialize...
openSUSE: Security Advisory for nodejs16 (SUSE-SU-2023:3379-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:0644-1 Security update for nodejs18
This update for nodejs18 fixes the following issues: Update to 18.19.1: security updates CVE-2024-21892: Code injection and privilege escalation through Linux capabilities bsc1219992. CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks...
Unbreakable Enterprise kernel security update
4.14.35-2047.532.3 - Revert 'mmc: core: Capture correct oemid-bits for eMMC cards' Dominique Martinet - media: dvb-usb-v2: af9035: fix missing unlock Hans Verkuil - perf/core: Fix potential NULL deref Peter Zijlstra 4.14.35-2047.532.2 - x86: change default to specstorebypassdisable=prctl...
20 bug fix and enhancement update
An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...
20 bug fix and enhancement update
An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Unbreakable Enterprise kernel security update
4.14.35-2047.530.5.1 - Revert 'rtnetlink: Reject negative ifindexes in RTMNEWLINK' Saeed Mirzamohammadi Orabug: 35896831 4.14.35-2047.530.5 - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c Kyle Zeng Orabug: 35824288 CVE-2023-42753 - netfilter: xtu32: validate...
SUSE: Security Advisory (SUSE-SU-2023:3400-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:3378-1 Security update for nodejs18
This update for nodejs18 fixes the following issues: Update to LTS version 18.17.1. - CVE-2023-32002: Fixed permissions policies bypass via Module.load bsc1214150. - CVE-2023-32006: Fixed permissions policies impersonation using module.constructor.createRequire bsc1214156. - CVE-2023-32559: Fixed...
Upgrade moment library to 2.29.2+ for LTS version as required for CVE-2022-24785 and CVE-2022-31129
Hi, is it possible to upgrade the moment.js library to 2.29.2 on all LTS versions? It seems fixed in 9.7.0, as this ticket seems to point out: https://jira.atlassian.com/browse/JRASERVER-74647 In our 9.4.2 LTS version it is still discovered as a vulnerability. Regards, CWATCH team...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.523.4.1 - mm: kvmalloc does not fallback to vmalloc for incompatible gfp flags Michal Hocko Orabug: 35164196 4.14.35-2047.523.4 - rds: ib: Keep IB MRs on cleanlist unless we are tearing down the pool Hakon Bugge Orabug: 34987235 - rds: ib: Add FRWR related statistics counters Hakon...
Jenkins Security Vulnerability
Jenkins is an open source automation server. It provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins version 2.393 and earlier, LTS version 2.375.3 and earlier. An attacker...
SUSE-SU-2023:0673-1 Security update for nodejs16
This update for nodejs16 fixes the following issues: Update to LTS version 16.19.1: - CVE-2023-23918: Fixed permissions policies that could have been bypassed via process.mainModule bsc1208481. - CVE-2023-23919: Fixed OpenSSL error handling issues in nodejs crypto library bsc1208483. -...
Unbreakable Enterprise kernel security update
4.14.35-2047.521.4 - tcp: Tunables for TCP delayed ack min and max timers Venkat Venkatsubra Orabug: 34883100 4.14.35-2047.521.3 - Revert 'random: use expired timer rather than wq for mixing fast pool' Saeed Mirzamohammadi Orabug: 34918228 4.14.35-2047.521.2 - RDS/IB: Fix the misplaced counter...