CVE-2025-38145 affecting package kernel for versions less than 6.6.96.1-1

CVE-2025-38145 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...

CVE-2025-38227 affecting package kernel for versions less than 6.6.96.1-1

CVE-2025-38227 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...

CVE-2025-38214 affecting package kernel for versions less than 6.6.96.1-1

CVE-2025-38214 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...

CVE-2025-38063 affecting package kernel for versions less than 6.6.96.1-1

CVE-2025-38063 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...

CVE-2025-38337 affecting package kernel for versions less than 6.6.96.1-1

CVE-2025-38337 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...

CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

firefox: thunderbird: Memory safety bugs

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140, and Thunderbird 140. Some of these bugs showed...

firefox: thunderbird: Memory safety bugs

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140, and Thunderbird 140. Some of these bugs showed...

firefox: thunderbird: Memory safety bugs

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs are present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140, and Thunderbird 140. Some...

CVE-2025-53008

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 9.3.1 through 10.0.19, a connected user can use a malicious payload to steal mail receiver...

glib: buffer overflow in set_connect_msg()

A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4CONNMSGLEN. This issue may lead to an application crash or other undefined behavior...

libxml: Heap use after free (UAF) leads to Denial of service (DoS)

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

libxml: Type confusion leads to Denial of service (DoS)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

SUSE CVE-2023-53161

The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic...

SUSE CVE-2025-29917

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per...

sqlite security update

3.34.1-8 - Fixes CVE-2025-6965...

CVE-2024-58262

The curve25519-dalek crate before 4.1.3 for Rust has a constant-time operation on elliptic curve scalars that is removed by LLVM...

CVE-2025-38452

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: rtsn: Fix a null pointer dereference in rtsnprobe Add check for the return value of rcargen4ptpalloc to prevent potential null pointer dereference...

git: Git arbitrary code execution

A line-end handling flaw was found in Git. When writing a config entry, values with a trailing carriage return CR are not quoted, resulting in the CR being lost when the config is read later. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read,...

SUSE CVE-2025-7783

Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution HPP. This vulnerability is associated with program files lib/formdata.Js. This issue affects form-data: 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3...