CVE-2025-48606

In preparePackage of InstallPackageHelper.java, there is a possible way for an app to appear hidden upon installation without a mechanism to uninstall it due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...

CVE-2025-48606

In preparePackage of InstallPackageHelper.java, there is a possible way for an app to appear hidden upon installation without a mechanism to uninstall it due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...

Security update for the Linux Kernel

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...

Security update for xen

This update for xen fixes the following issues: CVE-2024-36350, CVE-2024-36357: More AMD transient execution attacks bsc1246112, XSA-471 CVE-2025-27465: Incorrect stubs exception handling for flags recovery bsc1244644, XSA-470 Special Instructions and Notes: Please reboot the system after...

Security update for the Linux Kernel

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...

Security update for xen

This update for xen fixes the following issues: Update to Xen 4.18.5: Security fixes: CVE-2024-28956: Fixed Intel CPU Indirect Target Selection ITS bsc1243117 Other fixes: Fixed boot failing with XEN kernel on DL580 Gen12 bsc1242490 Added missing upstream bug fixes bsc1027519 Special Instructions...

CVE-2024-3779

Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met...

SUSE CVE-2021-35938

A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system...

CVE-2020-12117

Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allows attackers to obtain sensitive configuration values via a crafted packet to UDP port 4800. NOTE: Moxa Service is an unauthenticated service that runs upon a first-time installation but can be disabled without ill effect...

security flaw

The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of t...