GHSA-H828-V5PV-33QX vulnerabilities

Vulnerabilities for packages: juicefs...

CVE-2025-38390

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...

GHSA-8XJP-C72J-67Q8 vulnerabilities

Vulnerabilities for packages: glibc...

CVE-2025-40777 vulnerabilities

Vulnerabilities for packages: bind...

CVE-2025-47281 vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws, kyverno-notation-aws-fips...

CVE-2025-40913 affecting package tcl for versions less than 8.6.13-2

CVE-2025-40913 affecting package tcl for versions less than 8.6.13-2. A patched version of the package is available...

CVE-2025-50151

File access paths in configuration files uploaded by users with administrator access are not validated. This issue affects Apache Jena version up to 5.4.0. Users are recommended to upgrade to version 5.5.0, which does not allow arbitrary configuration upload...

CVE-2025-54314

Removed by vendor...

CVE-2025-7797

A vulnerability was found in GPAC up to 2.4. It has been rated as problematic. Affected by this issue is the function gfdashdownloadinitsegment of the file src/mediatools/dashclient.c. The manipulation of the argument baseiniturl leads to null pointer dereference. The attack may be launched...

CVE-2025-53901

Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.4, 33.0.2, and 34.0.2, a bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host embedder. The specific bug is triggered by calling pathopen after calling...

[SECURITY] Fedora 42 Update: rust-sequoia-octopus-librnp-1.11.1-1.fc42

Reimplementation of RNP's interface using Sequoia for use with Thunderbird...

Critical Photon OS Security Update - PHSA-2025-4.0-0834

Updates of 'libxml2', 'linux', 'kafka' packages of Photon OS have been released...

CVE-2025-53964

Removed by vendor...

CVE-2025-30754

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0....

CVE-2025-50097

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2025-50093

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

CVE-2025-50084

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

CVE-2025-37797 affecting package kernel for versions less than 6.6.92.2-1

CVE-2025-37797 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-37857 affecting package kernel for versions less than 6.6.92.2-1

CVE-2025-37857 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-37770 affecting package kernel for versions less than 6.6.92.2-1

CVE-2025-37770 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...