1835 matches found
CVE-2026-47732
Twig Sandbox: multiple __toString() policy bypasses via unguarded string coercion points existed prior to 3.26.0, enabling string coercion of Stringable operands through various constructs (conditional expressions, matches operator, loose comparisons, tests, template-loading tags, dynamic attribu...
OPENSUSE-SU-2026:21325-1 Security update for cryptsetup
This update for cryptsetup fixes the following issues: Changes in cryptsetup: - Fix for bsc1270254 to avoid undesired pinning of all volume keys via the thread keyring through the caller's credentials when the kernel opens a file. This is due to the refactoring in kernel commit a28d893eb327 "md:...
OPENSUSE-SU-2026:21265-1 Security update for cadvisor
This update for cadvisor fixes the following issues: Changes in cadvisor: - update to 0.60.3: Move OOM watching out of the lib module into the binary lib/model: make ContainerStats sub-stats pointers to convey collection presence - update to 0.60.1: cpuload/netlink: report the real error and skip...
[SECURITY] Fedora 44 Update: os-autoinst-5^20260601git6ee8da2-1.fc44
The OS-autoinst project aims at providing a means to run fully automated tests. Especially to run tests of basic and low-level operating system components such as bootloader, kernel, installer and upgrade, which can not easily and safely be tested with other automated testing frameworks. However,...
[SECURITY] Fedora 44 Update: openqa-5^20260604git6376095-3.fc44
openQA is a testing framework that allows you to test GUI applications on one hand and bootloader and kernel on the other. In both cases, it is difficult to script tests and verify the output. Output can be a popup window or it can be an error in early boot even before init is executed. openQA is...
SUSE SLES12 Security Update : opensc (SUSE-SU-2026:2678-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2678-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses...
SUSE-SU-2026:2678-1 Security update for opensc
This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer-overflow write bsc1261220. - CVE-2026-10275: global buffer overflow duri...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: podman: podman-6.0.0-1.hum1 aarch64, x8664 podman-docker-6.0.0-1.hum1 noarch podman-machine-6.0.0-1.hum1 aarch64, x8664 podman-remote-6.0.0-1.hum1 aarch64, x8664 podman-tests-6.0.0-1.hum1 aarch64...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Team: Move teamdevicetypechange to the end of teamportadd. Attempting to add a port device that is already up will, unsurprisingly, fail. However, this failure occurs before modifying the teamdeviceheaderops. In the case of the...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed inconsistencies in e4b bitmap reports An inconsistency issue with the bitmap was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures, such as:...
skopeo security update
1:1.22.2-6 - Rebuild for CVE-2026-32283 - Resolves: RHEL-167688 1:1.22.2-5 - Rebuild for CVE-2026-25679 - Re-add test file installation to fix tier0 tests - Resolves: RHEL-158789...
Oracle Linux 9 : buildah (ELSA-2026-19186)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19186 advisory. - fixes CVE-2026-34986 - Rebuild for new golang to address CVE-2025-61726 Tenable has extracted the preceding description block directly from the Oracle Linux...
Amazon Linux 2023 : perl-DBI, perl-DBI-tests (ALAS2023-2026-1850)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1850 advisory. DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of t...
[SECURITY] Fedora 43 Update: python3.13-3.13.14-1.fc43
Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...
[SECURITY] Fedora 44 Update: python3.13-3.13.14-1.fc44
Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...
@acastellon/auth: Authentication bypass via spoofable headers in validateToken()
@acastellon/auth v2.2.0 appears to allow an unauthenticated authentication bypass in validateToken through spoofable auth-user and Host request headers. The validateToken middleware contains a service-to-service bypass for auth-user: service-brother when req.get'host'.startsWithgetHostName. Both...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: netavark: netavark-2.0.0-1.hum1 aarch64, x8664 netavark-tests-2.0.0-1.hum1 aarch64, x8664 netavark-2.0.0-1.hum1.src src...
Siemens RUGGEDCOM RST2428P Incorrect Bitwise Shift of Integer (CVE-2025-40281)
In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift-out-of- bounds 1 Blamed commit added rtoalphamax and rtobetamax set to 1000. It is unclear if some sctp users are setting very...
OPENSUSE-SU-2026:20986-1 Security update for perl-Crypt-SaltedHash
This update for perl-Crypt-SaltedHash fixes the following issues: Changes in perl-Crypt-SaltedHash: updated to 0.110.0 0.11 0.11 2026-05-20 14:05:07+01:00 Europe/London - Fixed metadata - Moved author tests into xt 0.10 2026-05-19 - Maintenance taken over by Robert Rothenberg - Updated the Git...
SUSE-SU-2026:22103-1 Security update for opensc
This update for opensc fixes the following issues - CVE-2026-10275: global buffer overflow during key pair generation tests due to missing input validation bsc1267246. - CVE-2026-40528: stack and heap buffer overrun in the dokeyvalue function due to missing length check allows for memory corrupti...