DEBIAN-CVE-2025-49794

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

ALPINE-CVE-2025-49794

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

CVE-2025-49794

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid out-of-bounds access in f2fstruncateinodeblocks syzbot reports an UBSAN issue as follows: ------------ cut here --- UBSAN: Array-index out-of-bounds in fs/f2fs/node.h:381:10 Index 18446744073709550692 is out ...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: pktgen: Avoid out-of-bounds access in getimixentries Passing a sufficient amount of imix entries leads to invalid access to the pktdev-imixentries array due to incorrect boundary checks. UBSAN: Array-index out-of-bounds in...

Astra Linux – Vulnerability in Firefox

A vulnerability was identified in Thunderbird, where XPath parsing could trigger undefined behavior due to the lack of null checks during attribute access. This could lead to out-of-bounds read access and, potentially, memory corruption. This vulnerability has been fixed in Firefox 138, Firefox E...

Astra Linux – Vulnerability in coreutils

The vulnerability of the factor utility in the GNU Core Utilities suite is related to its dependence on behaviors that are undefined for each type of implementation. Exploiting this vulnerability allows an attacker to cause a service failure...

OESA-2025-1626 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written...

CVE-2025-49794

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

SUSE CVE-2025-4638

A vulnerability exists in the inftrees.c component of the zlib library, which is bundled within the PointCloudLibrary PCL. This issue may allow context-dependent attackers to cause undefined behavior by exploiting improper pointer arithmetic. Since version 1.14.0, PCL by default uses a zlib...

SUSE: Security Advisory (SUSE-SU-2025:01776-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

zlib: Out-of-bound pointer arithmetic in inftrees.c

A vulnerability was discovered in the inftrees.c file of zlib. Pointer arithmetic operations violate the C standard by subtracting an offset from an array pointer before its allocated memory, leading to undefined behavior...

Amazon Linux 2023 : firefox (ALAS2023-2025-976)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-976 advisory. An issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the SQLITEDBCONFIGLOOKASIDE component CVE-2025-29088 A process isolation vulnerability in Firefox stemmed from...

openSUSE Security Advisory (SUSE-SU-2025:01776-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : iputils (SUSE-SU-2025:01777-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:01777-1 advisory. - CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300 Tenable has extracted the preceding description...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : iputils (SUSE-SU-2025:01776-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:01776-1 advisory. - CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300...

SUSE-SU-2025:01779-1 Security update for iputils

This update for iputils fixes the following issues: Security fixes: - CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300. Other bug fixes: - Fixed incorrect IPV4 TTL value when using SOCKDGRAM on big endian systems bsc1243284...

Security update for iputils

This update for iputils fixes the following issues: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2025:01777-1 Security update for iputils

This update for iputils fixes the following issues: - CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300...

Security update for iputils

This update for iputils fixes the following issues: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...