mariadb:10.11 security update

galera 26.4.20-1.0.1 - Drop nmap-ncat requirement. Orabug: 34116228 - Requirement to delete garbd-wrapper script and lp1184034 test case without using patches. Orabug: 34116228 26.4.20-1 - Rebase to 26.4.20 26.4.19-1 - Rebase to 26.4.19 26.4.18-1 - Rebase to 26.4.18 mariadb 3:10.11.10-1 - Rebase ...

traceroute: improper command line parsing

A vulnerability was found in traceroute. This security issue is caused by wrapper scripts that do not properly parse command lines...

CVE-2024-57922 drm/amd/display: Add check for granularity in dml ceil/floor helpers

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add check for granularity in dml ceil/floor helpers Why Wrapper functions for dcnbwceil2 and dcnbwfloor2 should check for granularity is non zero to avoid assert and divide-by-zero error in dcnbw functions. How A...

PT-2025-11345

Name of the Vulnerable Software and Affected Versions: PHP versions up to 8.1.31 PHP versions up to 8.2.27 PHP versions up to 8.3.18 PHP versions up to 8.4.4 php7.4 Description: The issue concerns the Streams HTTP Wrapper in PHP. Recommendations: For PHP versions up to 8.1.31, update to a version...

MAL-2025-963 Malicious code in python-bitget-wrapper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 769187e87797e69e9ebfc00eb97274a91fea1c86b1472b4ef6436441f737c8b9 Importing the module starts an obfuscated PowerShell code, which downloads and executes a remote script. On Windows, the script appears to just start the...

Malicious code in python-bitget-wrapper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 769187e87797e69e9ebfc00eb97274a91fea1c86b1472b4ef6436441f737c8b9 Importing the module starts an obfuscated PowerShell code, which downloads and executes a remote script. On Windows, the script appears to just start the...

CVE-2024-53292

Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in the shell wrapper. A local high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed...

PT-2024-35716 · Dell · Dell Vxverify

Name of the Vulnerable Software and Affected Versions: Dell VxVerify versions prior to x.40.405 Description: The issue concerns a Plain-text Password Storage Vulnerability in the shell wrapper of Dell VxVerify. A local high privileged attacker could potentially exploit this vulnerability, leading...

Dell VxVerify 安全漏洞

Dell VxVerify is a pre-upgrade operational status checking tool from Dell USA. A security vulnerability exists in Dell VxVerify versions prior to x.40.405, which stems from the storage of plaintext passwords in the shell wrapper, and could allow a local, high-privileged attacker to disclose...

Moderate: Red Hat Security Advisory: RHOSP 17.1.4 (python-zipp) security update

An update for python-zipp is now available for Red Hat OpenStack Platform RHOSP 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

kernel: drm/amd/display: Refactor DMCUB enter/exit idle interface

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface Why We can hang in place trying to send commands when the DMCUB isn't powered on. How We need to exit out of the idle state prior to sending a command, but the process tha...

Moodle authorization headers preserved between "emulated redirects"

A flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original request headers, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs...

CVE-2024-43432

A flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original request headers, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs...

UBUNTU-CVE-2024-43432

A flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original request headers, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs...

CVE-2024-43432 Moodle: authorization headers preserved between "emulated redirects"

A flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original request headers, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs...

SUSE-RU-2024:3971-1 Recommended update for mojo-parent

This update for mojo-parent fixes the following issues: xalan-j2 was updated from version 2.7.2 to 2.7.3: - Security issues fixed: CVE-2022-34169: Fixed integer truncation issue when processing malicious XSLT stylesheets bsc1201684 - Changes and Bugs fixed: Java 8 is now the minimum requirement...

Moodle 安全漏洞

Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from the cURL wrapper stripping the HTTPAUTH and USERPWD headers during...

SUSE CVE-2024-49927

In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irqpinlist -1,0,20 Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can...

SUSE CVE-2022-48997

In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently tpm transactions are executed unconditionally in tpmpmsuspend function, which may lead to races with other tpm accessors in the system. Specifically, the hwrandom tpm driver...

Fedora: Security Advisory (FEDORA-2024-ec78ab2c45)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...