Low: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

xorg: xmayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

xorg: xmayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

GeoServer 代码问题漏洞

GeoServer is GeoServer open source an open source software server written in Java. It allows users to share and edit geospatial data. A code issue vulnerability exists in GeoServer versions 2.26.0 through prior to 2.26.2 and prior to 2.25.6, which stems from insufficiently cleaned or restricted X...

PT-2025-48090

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.25.0, a reflected cross-site scripting XSS vulnerability exists in the WMS GetFeatureInfo HTML output format that enables a remote attacker to execute arbitrary JavaScript code in a victim's...

RHEL 9 : buildah (RHSA-2025:22011)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22011 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...

RHEL 8 : tigervnc (RHSA-2025:22077)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22077 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

AlmaLinux 10 : xorg-x11-server-Xwayland (ALSA-2025:21035)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21035 advisory. xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland: Use-after-free in Xkb client resource removal...

ALSA-2025:22012 Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

ALSA-2025:22011 Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

EUVD-2025-199139

Malicious code in inmaa-map npm...

Malicious code in inmaa-map (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14a71a1334fb3a18076752ed1d28b6fa7cc43dc4f4b612d102624e00dcdf53cb The package inmaa-map was found to contain malicious code. Source: ghsa-malware 56eac0e53cd10844280484abbd6456539bce6cd1e970a33a3707d49612ac8a88 Any...

MAL-2025-191110 Malicious code in inmaa-map (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14a71a1334fb3a18076752ed1d28b6fa7cc43dc4f4b612d102624e00dcdf53cb The package inmaa-map was found to contain malicious code. Source: ghsa-malware 56eac0e53cd10844280484abbd6456539bce6cd1e970a33a3707d49612ac8a88 Any...

Linux Distros Unpatched Vulnerability : CVE-2025-0033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control within AMD SEV-SNP could allow an admin privileged attacker to write to the RMP during SNP initialization, potentially resulting in a lo...

WordPress Extensions for Leaflet Map plugin <= 4.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Extensions for Leaflet Map versions = 4.8...

CVE-2025-66093

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through = 4.8...

CVE-2025-66098

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Camille V Travelers' Map travelers-map allows Stored XSS.This issue affects Travelers' Map: from n/a through = 2.3.2...

RLSA-2025:21815 Moderate: delve and golang security update

The Go Programming Language. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...

delve and golang security update

An update is available for golang, delve. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Go Programming Language. Security Fixes: golang: archive/tar:...

EUVD-2025-198455

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through = 4.8...