2504 matches found
CVE-2025-46836
net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. In versions up to and including 2.10, the Linux network utilities like ifconfig from the net-tools package do not properly validate the structure of /proc files when...
GHSA-GMG8-593G-7MV3 vulnerabilities
Vulnerabilities for packages: opensearch...
CVE-2024-43420
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom® processors may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2025-20623
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel® Core™ processors (10th Generation) may allow an authenticated user to potentially enable information disclosure via local access...
Updated postgresql15 & postgresql13 packages fix security vulnerability
PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation. (CVE-2025-4207)...
CVE-2025-4658
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
CVE-2025-47278
Flask is a Web Server Gateway Interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the itsdangerous library. A list of keys can...
Moderate: Red Hat Security Advisory: 389-ds-base security update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fro...
SUSE CVE-2025-47816
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxml_parse_attributes out-of-bounds read, related to extra content at the end of a document...
CVE-2025-24495
Incorrect initialization of resource in the branch prediction unit for some Intel® Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access...
Important: yelp security update
Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including traditional man pages, info pages and documentation written in DocBook. Security Fixes: yelp: Arbitrary file read (CVE-2025-3155). For more details...
Moderate: expat security update
Expat is a C library for parsing XML documents. Security Fixes: libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to th...
CVE-2025-37874
In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbe_probe() error path. When ngbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). However, in ngbe_probe() function, the subsequent error paths after ngbe_sw_init() don't free the rss_key. F...
CVE-2025-37852
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create(). Add error handling to propagate amdgpu_cgs_create_device() failures to the caller. When amdgpu_cgs_create_device() fails, release hwmgr and return -ENOMEM to prevent nul...
CVE-2025-37879
In the Linux kernel, the following vulnerability has been resolved: 9p/net: fix improper handling of bogus negative read/write replies. In p9_client_write() and p9_client_read_once(), if the server incorrectly replies with success but a negative write/read count then we would consider written negative 3...
CVE-2025-37881
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev(). The variable d->name, returned by devm_kasprintf(), could be NULL. A pointer check is added to prevent potential NULL pointer dereference. This is similar to the fix in...
CVE-2025-37843
In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Avoid unnecessary device replacement check. Hot-removal of nested PCI hotplug ports suffers from a long-standing race condition which can lead to a deadlock: A parent hotplug port acquires pci_lock_rescan_remove(), then...
CVE-2025-37888
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table(). Add NULL check for mlx5_get_flow_namespace() returns in mlx5_create_inner_ttc_table() and mlx5_create_ttc_table() to prevent NULL pointer dereference...
CVE-2025-37878
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init. Move the get_ctx(child_ctx) call and the child_event->ctx assignment to occur immediately after the child event is allocated. Ensure that child_event->ctx is non-NULL before any...
CVE-2025-37872
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix memory leak in txgbe_probe() error path. When txgbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). However, in txgbe_probe() function, the subsequent error paths after txgbe_sw_init() don't free the...