GHSA-JFR5-5G87-P347 vulnerabilities

Vulnerabilities for packages: mysql...

Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059174 fixes one issue. The following security issue was fixed: CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat bsc1236783. Patch Instructions: To install this SUSE update use the SUSE recommended...

Siemens SIMATIC Devices Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-3521)

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcmtxwork of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the...

openSUSE Security Advisory (openSUSE-SU-2024:0156-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:3772-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist bsc1228585. CVE-2024-36974: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP bsc1227371...

Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002322 fixes one issue. The following security issue was fixed: CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat bsc1236783. Patch Instructions: To install this SUSE update use the SUSE recommended installatio...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost that stems from a failure to properly validate input when patching and copying Boards...

Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005559 fixes several issues. The following security issues were fixed: CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist...

Exploit for OS Command Injection in Wago Compact_Controller_100_Firmware

wagoexploit.py - PoC Exploit for CVE-2023-1698 !WAGOhttp...

Security update for ovmf

This update for ovmf fixes the following issues: PXE boot is failing due to patches applied to fix CVE-2023-45236 and CVE-2023-45237 bsc1237084. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...

mysql security update

8.0.41-2 - Fix patching of logrotate 8.0.41-1 - Update to MySQL 8.0.41 8.0.40-1 - Update to MySQL 8.0.40 8.0.39-1 - Rebase to version 8.0.39 8.0.37-2 - Use signal to flush logs when rotating 8.0.37-1 - Update to MySQL 8.0.37 - Remove some legacy cmake options...

UBUNTU-CVE-2025-26618

Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...

CVE-2024-13155

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Transparent Split Hero widget in all versions up to, and including, 1.5.140 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

Exploit for Link Following in Microsoft

CVE-2025-21420 PoC Windows Disk Cleanup Tool Elevation of Pri...

CVE-2023-37415

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. Patching on top of CVE-2023-35797 Before 6.1.2 the proxyuser option can also inject semicolon. This issue affects Apache Airflow Apache Hive Provider: before 6.1.2. It is recommended updatin...

SUSE: Security Advisory (SUSE-SU-2024:4131-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002325 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install...

Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059179 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2024-47684: tcp: check skb is non-NULL in tcprtodeltaus bsc1231993. Patch Instructions: To install...

Azure Linux 3.0 Security Update: nodejs / nodejs18 (CVE-2024-30260)

The version of nodejs / nodejs18 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-30260 advisory. - Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and...