SUSE-SU-2025:02402-1 Security update for the Linux Kernel (Live Patch 64 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122244 fixes several issues. The following security issues were fixed: - CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. - CVE-2025-21772: partitions: mac: fix handling of bogus partition table bsc1238912...
MGASA-2025-0210 Updated quictls packages with minor bug fixes
Miscellaneous minor bug fixes...
SUSE: Security Advisory (SUSE-SU-2025:02334-1)
The remote host is missing an update for the...
SUSE SLES15 Security Update : coreutils (SUSE-SU-2025:02354-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02354-1 advisory. Security fixes: - CVE-2025-5278: Fixed heap buffer under-read may lead to a crash or leak sensitive data bsc1243767 Other fixes: - ls: avoi...
CVE-2025-54064 rucio-server, rucio-ui, and rucio-webui vulnerable to insertion of X-Rucio-Auth-Token in apache access logfiles
Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. The common Rucio helm-charts for the rucio-server, rucio-ui, and rucio-webui define the log format for the apache access log of these components...
CVE-2025-53928 MaxKB has RCE in MCP call
MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue...
Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based management...
Cisco Prime Infrastructure and Evolved Programmable Network Manager Blind SQL Injection Vulnerability
A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied...
Cisco Identity Services Engine Authenticated Remote Code Execution and Authorization Bypass Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to issue commands on the underlying operating system as the root user and allow IP access filters to be bypassed. Cisco has released softwa...
Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validation for specific HTTP...
RHSA-2025:10980 Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update
Bulletin has no description...
RHSA-2025:10974 Red Hat Security Advisory: kpatch-patch-4_18_0-477_43_1, kpatch-patch-4_18_0-477_67_1, kpatch-patch-4_18_0-477_81_1, kpatch-patch-4_18_0-477_89_1, and kpatch-patch-4_18_0-477_97_1 security update
Bulletin has no description...
MINI-4QG6-RRWG-79GV
Bulletin has no description...
PT-2025-29603 · Oracle · Oracle Database +1
Name of the Vulnerable Software and Affected Versions: Oracle Database versions 19.3 through 19.27 Oracle Database versions 23.4 through 23.8 Description: This issue affects the Oracle Database component of Oracle Database Server. A low-privileged attacker with Create Session and Create Procedure...
Stable Channel Update for Desktop
The Stable channel has been updated to 138.0.7204.157/.158 for Windows, Mac and 138.0.7204.157 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...
Fedora 42 : helix / rust-blazesym-c / rust-clearscreen / rust-gitui / etc (2025-0cde7282be)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-0cde7282be advisory. rust-which 8.0.0 - Add new Sys trait to allow abstracting over the underlying filesystem. Particularly useful for wasm32-unknown-unknown targets. Thanks...
GHSA-9MP4-77WG-RWX9 @clerk/backend Performs Insufficient Verification of Data Authenticity
Impact Applications that use the verifyWebhook helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. Patches @clerk/backend: the helper has been patched as of 2.4.0 @clerk/astro: the helper has been patched as of 2.10.2 @clerk/express: the helper...
CGA-P5QG-MPGW-8827
Bulletin has no description...
PT-2025-29253
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 22.2R3-S7 Juniper Networks Junos OS versions 22.4 through 22.4R3-S5 Juniper Networks Junos OS versions 23.2 through 23.2R2-S3 Juniper Networks Junos OS versions 23.4 through 23.4R2-S3 Juniper Networ...
PT-2025-29247 · Juniper Networks · Junos Evolved +1
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 21.2R3-S9 Juniper Networks Junos OS versions 21.4 through 21.4R3-S11 Juniper Networks Junos OS versions 22.2 through 22.2R3-S7 Juniper Networks Junos OS versions 22.4 through 22.4R3-S7 Juniper...