CVE-2024-53689

Removed by vendor...

CVE-2024-52332

In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igbinitmodule The pciregisterdriver can fail and when this happened, the dcanotifier needs to be unregistered, otherwise the dcanotifier can be called when igb fails to install, resulti...

[SECURITY] Fedora 40 Update: openjpeg2-2.5.3-1.fc40

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profile-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple...

thunderbird security update

128.6.0-3.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.6.0 - Add OpenELA debranding 128.6.0-3 - Update to 128.6.0 build3 128.6.0-1 - Update to 128.6.0 build1...

CVE-2025-22145

Carbon is an international PHP extension for DateTime. Application passing unsanitized user input to Carbon::setLocale are at risk of arbitrary file include, if the application allows users to upload files with .php extension in an folder that allows include or require to read it, then they are a...

CVE-2024-56783

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: remove WARNONONCE on maximum cgroup level cgroup maximum depth is INTMAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove...

CVE-2024-56786

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-56777

In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in stigdpatomiccheck The return value of drmatomicgetcrtcstate needs to be checked. To avoid use of error pointer 'crtcstate' in case of the failure. drm/sti: avoid potential...

CVE-2024-51442

Command Injection in Minidlna version v1.3.3 and before allows an attacker to execute arbitrary OS commands via a specially crafted minidlna.conf configuration file...

CVE-2025-0246

When using an invalid protocol scheme, an attacker could spoof the address bar. Note: This issue only affected Android operating systems. Other operating systems are unaffected. Note: This issue is a different issue from CVE-2025-0244. This vulnerability was fixed in Firefox 134...

CVE-2024-12425

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. An attacker can write to arbitrary locations, albeit suffixed with ".ttf", by supplying a file in a format that supports embedded font...

CVE-2024-12426

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...

CVE-2024-51741

Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem is fixed in Redis 7.2.7 and 7.4.2...

CVE-2025-21614

go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git serve...

CVE-2024-56332 vulnerabilities

Vulnerabilities for packages: jitsucom-jitsu...

CVE-2024-56721

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Terminate the erratum1386microcode array The erratum1386microcode array requires an empty entry at the end. Otherwise x86matchcpuwithstepping will continue iterate the array after it ended. Add an empty entry to...

CVE-2024-56754

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caamqishutdown The type of the last parameter given to devmaddactionorreset is "struct caamdrvprivate ", but in caamqishutdown, it is casted to "struct device ". Pass the correct parameter...

CVE-2024-56727

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2mboxgetrsp errors in otx2flows.c Adding error pointer check after calling otx2mboxgetrsp...

CVE-2024-56754

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caamqishutdown The type of the last parameter given to devmaddactionorreset is "struct caamdrvprivate ", but in caamqishutdown, it is casted to "struct device ". Pass the correct parameter...

CVE-2024-56755

In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHEVOLUMECREATING In fscachecreatevolume, there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situation where, after a...