175 matches found
CVE-2024-12537
Summary: CVE-2024-12537 affects open-webui/open-webui v0.3.32, where unauthenticated access to /api/v1/utils/code/format can be abused by a high-volume POST to trigger unresponsiveness. Documented impact is denial of service / service degradation. A remediation is available: upgrade to open-webui...
PT-2025-12138
Name of the Vulnerable Software and Affected Versions open-webui/open-webui version 0.3.32 Description The absence of authentication mechanisms in open-webui/open-webui allows any unauthenticated attacker to access the api/v1/utils/code/format endpoint. If a malicious actor sends a POST request...
389-ds-base bug fix update
An update is available for 389-ds-base. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The ba...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2025:0849-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0849-1 advisory. Updated to Mozilla Thunderbird 128.8 MFSA 2025-18 bsc1237683: - CVE-2024-43097: Overflow when...
SUSE-SU-2025:0849-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 128.8 MFSA 2025-18 bsc1237683: - CVE-2024-43097: Overflow when growing an SkRegion's RunArray - CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process - CVE-2025-1931:...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Linux Distros Unpatched Vulnerability : CVE-2024-26992
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: x86/pmu: Disable support for adaptive PEBS Drop support for virtualizing adaptive PEBS,...
CVE-2022-49172
Summary: CVE-2022-49172 pertains to the Linux kernel parisc line. The root cause was non-access data TLB faults from flush_user_dcache_range_asm and flush_user_icache_range_asm when pages are not present, leading to cache lines not being invalidated and potential memory corruption. Impact details...
CVE-2022-49172
In the Linux kernel, the following vulnerability has been resolved: parisc: Fix non-access data TLB cache flush faults When a page is not present, we get non-access data TLB faults from the fdc and fic instructions in flushuserdcacherangeasm and flushusericacherangeasm. When these occur, the cach...
SUSE-SU-2025:0512-1 Security update for libtasn1
This update for libtasn1 fixes the following issues: - CVE-2024-12133: the processing of input DER data containing a large number of SEQUENCE OF or SET OF elements takes quadratic time to complete. bsc1236878...
Azure Linux 3.0 Security Update: edk2 / hvloader / openssl / rust (CVE-2023-2650)
The version of edk2 / hvloader / openssl / rust installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2650 advisory. - Issue summary: Processing some specially crafted ASN.1 object identifiers or data...
Hyper-V Resilient Change Tracking Performance Issues
Challenge General Hyper-V OS performance degradation can occur when using a backup solution to export Hyper-V VM snapshots during backup operations. Solution Based on investigations between Veeam and Microsoft, two underlying causes have been identified. Resilient Change Tracking Resilient Change...
SUSE-SU-2025:20046-1 Security update for runc
This update for runc fixes the following issues: Update to runc v1.1.14. Upstream changelog is available from . - CVE-2024-45310: Fixed that runc can be tricked into creating empty files/directories on host bsc1230092 Update to runc v1.1.13. Upstream changelog is available from . - Fixed a...
Security Bulletin: IBM Application Modernization Accelerator is vulnerable to multiple vulnerabilities found in Java and Node.js
Summary There are multiple vulnerabilities in Java and Node.js used by IBM Application Modernization Accelerator CVE-2024-52798, CVE-2024-21538, CVE-2024-21235, CVE-2024-21217, CVE-2024-21210, CVE-2024-21208, CVE-2024-10917, CVE-2024-47764. Vulnerability Details CVEID:CVE-2024-52798 DESCRIPTION:...
EulerOS 2.0 SP10 : dhcp (EulerOS-SA-2025-1002)
According to the versions of the dhcp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded...
SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2024:4326-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4326-1 advisory. - CVE-2024-50336: Fixed insufficient MXC URI validation which could allow client-side path traversal...
CVE-2024-52798
A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Mitigation Avoid using two parameters within a single path segment when the separato...
CVE-2024-52798
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgra...
CVE-2024-52798 path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgra...
CVE-2024-52798 path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgra...