43 matches found
.NET 9.0 Update - January 13, 2026
.NET 9.0 Update - January 13, 2026 .NET 9.0 has been refreshed with the latest update as of January 13, 2026. This update contains non-security fixes. See the release notes for details about updated packages..NET 9.0 servicing updates are upgrades. The latest servicing update for 9.0 will remove...
XenServer Security Update for CVE-2025-62626
Severity: Medium Description of Problem A hardware issue has been identified in AMD Zen 5 CPU devices that may cause those CPUs to return a value of zero more frequently than statistically expected when asked to generate a random value. This may compromise e.g. cryptographic keys that are generat...
Description of the security update for Office 2016: November 11, 2025 (KB5002810)
Description of the security update for Office 2016: November 11, 2025 KB5002810 Summary This security update resolves a Microsoft Excel information disclosure vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common Vulnerabilities and Exposure...
KB5065767: Servicing stack update for Windows Server 2012 R2: September 9, 2025
KB5065767: Servicing stack update for Windows Server 2012 R2: September 9, 2025 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devic...
Linux Distros Unpatched Vulnerability : CVE-2022-47653
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in eac3updatechannels function of mediatools/avparsers.c:9113 CVE-2022-47653 Note that...
XenServer Security Update for CVE-2024-36350 and CVE-2024-36357
Severity: Medium Description of Problem AMD has disclosed several security issues affecting AMD CPUs. These CPU hardware issues may allow code in a guest VM to infer some active memory content of another VM that is running on the same host. Although these are not vulnerabilities in the XenServer...
XenServer Security Update for CVE-2025-27465
Severity: Medium Description of Problem An issue has been identified in XenServer 8.4 that may allow privileged code in a guest VM to cause the host to crash or become unresponsive. This issue has the following identifier: CVE-2025-27465 Affected Versions This issue affects XenServer 8.4. Note th...
Linux Distros Unpatched Vulnerability : CVE-2020-1946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache SpamAssassin before 3.4.5, malicious rule configuration .cf files can be configured to run system commands without any output or errors. With this,...
UBUNTU-CVE-2025-21799
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65cpswnussremovetxchns When getting the IRQ we use k3udmagluetxgetirq which returns negative error value on error. So not NULL check is not sufficient to deteremine if IRQ is...
May 14, 2024-KB5038282 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server 2022
May 14, 2024-KB5038282 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server 2022 Release Date: May 14, 2024 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows Server 2022. Security...
Edge browser feature sends images you view back to Microsoft
A relatively new service provided by Microsofts browser Edge sends images you've viewed online back to Microsoft. A new feature labelled Enhance images in Microsoft Edge has raised some privacy concerns. The feature is designed to upscale low resolution images, making them sharper, and improving...
.NET 7.0 Update - March 14, 2023 (KB5024672)
.NET 7.0 Update - March 14, 2023 KB5024672 NET 7.0 has been refreshed with the latest update as of March 14, 2023. This update contains non-security fixes. See the release notes for details on updated packages..NET 7.0 servicing updates are upgrades. The latest servicing update for 7.0 will remov...
SUSE CVE-2018-11805
In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update channels or 3rd party ....
GPAC MP4Box 安全漏洞
GPAC MP4Box is multimedia packager. It is mainly used to work with ISOBMF files e.g. MP4, 3GP, but can also be used to import/export media from container files such as AVI, MPG, MKV, MPEG-2 TS, etc. A security vulnerability exists in GPAC MP4Box version 2.1-DEV-rev593-g007bf61a0, which stems from...
EulerOS 2.0 SP2 : spamassassin (EulerOS-SA-2021-2450)
According to the versions of the spamassassin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this,...
August 10, 2021 Public preview security update (KB5005039)
August 10, 2021 Public preview security update KB5005039 Improvements and fixes This public preview security update includes quality improvements. Key changes include: This update contains miscellaneous security improvements to internal OS functionality. No additional issues were documented for...
CVE-2020-1946
In Apache SpamAssassin before 3.4.5, malicious rule configuration .cf files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3...
ALPINE-CVE-2020-1946
In Apache SpamAssassin before 3.4.5, malicious rule configuration .cf files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3...
CVE-2020-1946 Apache SpamAssassin has an OS Command Injection vulnerability
In Apache SpamAssassin before 3.4.5, malicious rule configuration .cf files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3...
CVE-2020-1946
In Apache SpamAssassin before 3.4.5, malicious rule configuration .cf files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3...