1101 matches found
CVE-2025-46836
A flaw was found in net-tools. This vulnerability allows arbitrary code execution or a crash via improper handling of interface labels from /proc/net/dev. Mitigation: To mitigate this vulnerability, disable unprivileged user namespaces (sysctl kernel.unprivileged_userns_clone=0) to remove the easiest...
libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)
A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes...
PT-2025-22220
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved. The issue occurs when bpf_redirect_peer is used to redirect packets to a device in another network namespace, and the packet is not...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-24855: Fixed use-after-free of XPath context node (bsc#1239625); CVE-2024-55549: Fixed use-after-free related to excluded namespaces (bsc#1239637). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...
SUSE-SU-2025:1494-1 Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-24855: Fixed use-after-free of XPath context node (bsc#1239625); CVE-2024-55549: Fixed use-after-free related to excluded namespaces (bsc#1239637)...
CVE-2025-46689
Ververica Platform 2.14.0 contains a Reflected XSS vulnerability via a namespaces/default/formats URI...
CVE-2025-46690
Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct namespaces/default/formats request...
Ververica Platform Security Vulnerability
Ververica Platform is an integration platform from Ververica for stateful stream processing and stream analytics using open source Apache Flink. A security vulnerability exists in Ververica Platform version 2.14.0 that originates from a low-privileged user being able to access the SQL connector b...
Ververica Platform Security Vulnerability
Ververica Platform is an integration platform from Ververica for stateful stream processing and stream analytics using open source Apache Flink. A security vulnerability exists in Ververica Platform version 2.14.0, which stems from the vulnerability of the namespaces/default/formats URI to...
SUSE-SU-2025:20201-1 Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-24855: Fix use-after-free of XPath context node (bsc#1239625); CVE-2024-55549: Fix UAF related to excluded namespaces (bsc#1239637); CVE-2023-40403: Make generate-id deterministic (bsc#1238591)...
Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-24855: Fix use-after-free of XPath context node (bsc#1239625); CVE-2024-55549: Fix UAF related to excluded namespaces (bsc#1239637); CVE-2023-40403: Make generate-id deterministic (bsc#1238591). Patch Instructions: To install this SUSE update use t...
SUSE-SU-2025:20277-1 Security update for libxslt
This update for libxslt fixes the following issues: CVE-2025-24855: Fix use-after-free of XPath context node (bsc#1239625); CVE-2024-55549: Fix UAF related to excluded namespaces (bsc#1239637); CVE-2023-40403: Make generate-id deterministic (bsc#1238591)...
ManageWiki SQL Injection Vulnerability
ManageWiki is an open source extension from Miraheze. A SQL injection vulnerability exists in ManageWiki versions prior to f504ed8, which stems from susceptibility to SQL injection attacks when renaming namespaces in Special:ManageWiki/namespaces...
CLSA-2025-1745052086 libxslt: Fix of CVE-2024-55549
CVE-2024-55549: fix use-after-free related to excluded namespaces...
UBUNTU-CVE-2025-22089
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace. Commit 467f432a521a "RDMA/core: Split port and device counter sysfs attributes" accidentally almost exposed hw counters to non-init net namespaces. It didn't expose...
CVE-2025-22089 RDMA/core: Don't expose hw_counters outside of init net namespace
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace. Commit 467f432a521a "RDMA/core: Split port and device counter sysfs attributes" accidentally almost exposed hw counters to non-init net namespaces. It didn't expose...
kernel: nfs: Handle error of rpc_proc_register() in nfs_net_init().
In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpc_proc_register() in nfs_net_init(). syzkaller reported a warning [0] triggered while destroying immature netns. rpc_proc_register() was called in init_nfs_fs(), but its error has been ignored since at least the initial comm...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from RDMA exposing hw_counters in non-init netns, which could lead to null pointer dereferences...