6095 matches found
SUSE-SU-2025:0698-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: - CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. - CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklis...
Advisory ROSA-SA-2025-2719
Software: sudo 1.9.5p2 OS: ROSA Virtualization 3.0 packageevrstring: sudo-1.9.5p2-1 CVE-ID: CVE-2021-3156 BDU-ID: 2021-00364 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the parseargs function of the Sudo system administration program is related to a buffer overflow in dynamic memory. Exploitatio...
Advisory ROSA-SA-2025-2714
Software: openssh 8.0p1 OS: ROSA Virtualization 3.0 packageevrstring: openssh-8.0p1-19.0.1 CVE-ID: CVE-2023-38408 BDU-ID: 2023-03950 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the PKCS11 function of the PKCS11 component of the ssh-agent component of the OpenSSH cryptographic security tool ...
Advisory ROSA-SA-2025-2713
Software: openblas 2000.3.15 OS: ROSA Virtualization 3.0 packageevrstring: openblas-2000.3.15 CVE-ID: CVE-2021-4048 BDU-ID: 2021-05061 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Microsoft Visio vector graphics, diagram and flowchart editor is related to memory usage after memory has be...
Advisory ROSA-SA-2025-2716
Software: perl 5.26.3 OS: ROSA Virtualization 3.0 packageevrstring: perl-5.26.3 CVE-ID: CVE-2020-10878 BDU-ID: 2020-04040 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PLregkindOPn == NOTHING parameter of the Perl programming language interpreter is related to integer overflow. Exploitation of...
Advisory ROSA-SA-2025-2700
Software: dnsmasq 2.79 OS: ROSA Virtualization 3.0 packageevrstring: dnsmasq-2.79-31 CVE-ID: CVE-2020-25681 BDU-ID: 2021-01117 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the sortrrset function dnssec.c of the dnsmasq DNS server is related to a buffer overflow in dynamic memory. Exploitation of...
PT-2025-25835
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel. The issue is related to the pktgen thread write function, where access outside of a user-given buffer occurred. The fix involves...
Advisory ROSA-SA-2025-2691
Software: dnsmasq 2.79 OS: ROSA Virtualization 3.0 packageevrstring: dnsmasq-2.79-31 CVE-ID: CVE-2020-25682 BDU-ID: 2021-01118 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the extractname function rfc1035.c of the dnsmasq DNS server is related to a buffer overflow in dynamic memory. Exploitation ...
Advisory ROSA-SA-2025-2688
Software: perl 0.074 OS: ROSA Virtualization 3.0 packageevrstring: perl-0.074-2 CVE-ID: CVE-2023-31486 BDU-ID: 2023-03872 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Perl HTTP::Tiny programming language library is related to errors in the TLS certificate authentication procedure. Exploitatio...
Advisory ROSA-SA-2025-2689
Software: scipy 1.0.0 OS: ROSA Virtualization 3.0 packageevrstring: scipy-1.0.0-21.0.2 CVE-ID: CVE-2023-29824 BDU-ID: 2024-07432 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the PyFindObjects function of the PyFindObjects library for the open source Python programming language scipy is relat...
Advisory ROSA-SA-2025-2683
Software: grub2 2.02 OS: ROSA Virtualization 3.0 packageevrstring: grub2-2.02-148.0.3 CVE-ID: CVE-2022-2601 BDU-ID: 2022-06819 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the grubfontconstructglyph function of the Grub2 operating systems boot loader is related to an operation exceeding buffer...
UBUNTU-CVE-2025-21700
In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to another Lion Ackermann was able to create a UAF which can be abused for privilege escalation with the following script Step 1. create root qdisc tc qdisc add dev lo...
2025-02 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5051974)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...
Hotfix XS82ECU1082 - For Citrix Hypervisor 8.2 Cumulative Update 1
Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2 Cumulative Update 1 and is only available to customers on theCustomer Success Servicesprogram. Note: Citrix Hypervisor 8.2 Cumulative Update 1 reaches end of life on Jun 25, 2025. Upgrade toXenServer...
Advisory ROSA-SA-2025-2673
software: curl 8.5.0 WASP: ROSA-CHROME packageevrstring: curl-8.5.0-1 CVE-ID: CVE-2023-46218 BDU-ID: 2024-02420 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the cURL command-line utility is related to the installation of "supercookie files" in Curl, which are then passed back to more sources...
Advisory ROSA-SA-2025-2669
software: python3 3.8.13 WASP: ROSA-CHROME packageevrstring: python3-3.8.13 CVE-ID: CVE-2015-20107 BDU-ID: 2022-03962 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the mailcap module of the Python programming language interpreter is related to insufficient validation of arguments passed to a...
Advisory ROSA-SA-2025-2665
software: postgresql 12.16 WASP: ROSA-CHROME packageevrstring: postgresql-12.16 CVE-ID: CVE-2023-5868 BDU-ID: 2023-07905 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to the lack of service data protection in function calls with aggregation...
Advisory ROSA-SA-2025-2664
software: openvswitch 2.17.8 OS: ROSA-CHROME packageevrstring: openvswitch-2.17.8 CVE-ID: CVE-2023-5366 BDU-ID: 2024-03244 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Open vSwitch OvS software tiered switch is related to insufficient data authentication. Exploitation of the vulnerability...
Advisory ROSA-SA-2025-2638
software: heimdal 7.8.0 WASP: ROSA-CHROME packageevrstring: heimdal-7.8.0-2 CVE-ID: CVE-2022-45142 BDU-ID: 2023-02156 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Kerberos5 heimdal protocol implementation is related to incorrect validation of the integrity check value. Exploitation of the...
Advisory ROSA-SA-2025-2615
Software: wireshark 4.0.12 OS: ROSA-CHROME packageevrstring: wireshark-4.0.12-1 CVE-ID: CVE-2023-6174 BDU-ID: 2023-08355 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSH dissector of the Wireshark computer network traffic analyzer is related to insufficient cleaning of special elements in the...