40408 matches found
SUSE-SU-2025:20704-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to...
SUSE-SU-2025:20706-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_6
This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to...
SUSE-SU-2025:20707-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_7
This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to...
SUSE-SU-2025:20778-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_7
This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to...
SUSE-SU-2025:20701-1 Security update for kernel-livepatch-MICRO-6-0_Update_7
This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235 - CVE-2025-38000: schhfsc: Fix qlen...
Security update for kernel-livepatch-MICRO-6-0_Update_7
This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235 CVE-2025-38000: schhfsc: Fix qlen accountin...
SUSE-SU-2025:20698-1 Security update for kernel-livepatch-MICRO-6-0_Update_3
This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltr...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twi...
SUSE-SU-2025:20699-1 Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltr...
SUSE-SU-2025:20761-1 Security update for kernel-livepatch-MICRO-6-0_Update_6
This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltr...
SUSE-SU-2025:03165-1 Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024153 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. - CVE-2025-38001: netsched: hfsc: Address...
Inside Wallarm Security Edge: Instant Protection at the API Edge
APIs are now the beating heart of digital infrastructure. But as they have risen in importance, they’ve also become prime targets for attackers. Complex, often poorly understood API behaviors present rich opportunities for exploitation, and too often, security teams are left scrambling to protect...
Advisory ROSA-SA-2025-2997
software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-4 affected versions curl-8.7.1-4 CVE-ID: CVE-2024-11053 BDU-ID: 2024-11106 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the netrc file handler of the cURL command line utility is related to insufficient protection of servic...
CVE-2025-42929
Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database...
CVE-2025-42916
Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database but no impact on...
kernel: ipv6: mcast: extend RCU protection in igmp6_send()
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6send igmp6send can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use...
[Extended] Ethics in Computer Security Research: a Data-Driven Assessment of the Past, the Present, and the Possible Future
Ethical questions are discussed regularly in computer security. Still, researchers in computer security lack clear guidance on how to make, document, and assess ethical decisions in research when what is morally right or acceptable is not clear-cut. In this work, we give an overview of the...
SUSE SLES15 Security Update : kernel (Live Patch 58 for SLE 15 SP3) (SUSE-SU-2025:03154-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03154-1 advisory. This update for the Linux Kernel 5.3.18-15030059207 fixes several issues. The following security issues were fixed: - CVE-2025-38001: netsched...
SUSE SLES15 Security Update : kernel (Live Patch 50 for SLE 15 SP3) (SUSE-SU-2025:03133-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03133-1 advisory. This update for the Linux Kernel 5.3.18-15030059182 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fi...
CVE-2025-57815
Fides is an open-source privacy engineering platform. Prior to version 2.69.1, the Fides Admin UI login endpoint relies on a general IP-based rate limit for all API traffic and lacks specific anti-automation controls designed to protect against brute-force attacks. This could allow attackers to...