openSUSE 16 Security Update : radare2 (openSUSE-SU-2026:20653-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20653-1 advisory. Changes in radare2: - Update to version 6.1.4 bsc1262142, CVE-2026-40499: Analysis: improve autoname scoring, jmptbl detection, and performance...
Ubuntu 24.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-8052-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8052-1 advisory. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory...
USN-7879-3 linux-aws-6.14, linux-oracle-6.14 vulnerabilities
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...
SUSE-SU-2025:4096-1 Security update for binutils
This update for binutils fixes the following issues: - Do not enable '-z gcs=implicit' on aarch64 for old codestreams. Update to version 2.45: New versioned release of libsframe.so.2 s390: tools now support SFrame format 2; recognize 'z17' as CPU name bsc1247105, jscIBM-1485 sframe sections are n...
USN-7719-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
Microsoft Win32k Security Vulnerability
Microsoft Win32k is a system file for Windows multi-user management from Microsoft USA. A security vulnerability exists in Microsoft Win32k. An attacker can exploit the vulnerability to elevate privileges. The following products and versions are affected: Windows 10 Version 21H2 for 32-bit...
SUSE-SU-2025:20046-1 Security update for runc
This update for runc fixes the following issues: Update to runc v1.1.14. Upstream changelog is available from . - CVE-2024-45310: Fixed that runc can be tricked into creating empty files/directories on host bsc1230092 Update to runc v1.1.13. Upstream changelog is available from . - Fixed a...
USN-7159-4 linux-iot vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...
[SECURITY] Fedora 41 Update: radare2-5.9.8-4.fc41
The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...
Context is King: Using API Sessions for Security Context
There’s no doubt that API security is a hot topic these days. The continued growth in API-related breaches and the increase in publicized API vulnerabilities have pushed API security to the top of CISOs’ lists. The tools in the market for API security still have room for improvement, of course. One of...
USN-6818-3 linux-nvidia-6.5 vulnerabilities
Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...
PT-2024-1423
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.28 Description The issue is related to an integer overflow in the raid5 cache count function of the Linux kernel's RAID driver. This can potentially allow an attacker to impact the confidentiality, integrity,...
SUSE: Security Advisory (SUSE-SU-2023:4480-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VotiumStrategy.requestWithdraw() doesn't check whether totalLockedBalancePlusUnlockable is already enough to cover withdrawal being requested
Lines of code Vulnerability details Vulnerability Details The totalLockedBalancePlusUnlockable is being used to calculate an amount that's ready to be withdrawn. In case, if totalLockedBalancePlusUnlockable = cvxUnlockObligations already before iterating over the lockedBalances, the withdrawal...
SUSE-SU-2022:2886-1 Security update for glibc
This update for glibc fixes the following issues: Security issues fixed: - CVE-2015-5180: Fix crash with internal QTYPE in resolv bsc941234, BZ 18784 - CVE-2016-10228: Rewrite iconv option parsing bsc1027496, BZ 19519 - CVE-2019-25013: Fix buffer overrun in EUC-KR conversion module bsc1182117, BZ...
SUSE-SU-2022:0770-1 Security update for buildah
This update for buildah fixes the following issues: buildah was updated to version 1.23.1: Update to version 1.22.3: Update dependencies Post-branch commit Accept repositories on login/logout Update to version 1.22.0: c/image, c/storage, c/common vendor before Podman 3.3 release Proposed patch fo...
OPENSUSE-SU-2020:1790-1 Security update for binutils
This update for binutils fixes the following issues: binutils was updated to version 2.35. jscECO-2373 Update to binutils 2.35: The assembler can now produce DWARF-5 format line number tables. Readelf now has a 'lint' mode to enable extra checks of the files it is processing. Readelf will now...
ALERT! Hackers targeting IoT devices with a new P2P botnet malware
Cybersecurity researchers have taken the wraps off a new botnet hijacking Internet-connected smart devices in the wild to perform nefarious tasks, mostly DDoS attacks, and illicit cryptocurrency coin mining. Discovered by Qihoo 360's Netlab security team, the HEH Botnet — written in Go language a...
python-pillow security update
2.0.0-20gitd1c6db8 - Combined fixes for CVE-2020-5312 and CVE-2019-16865 Resolves: rhbz1789533 Resolves: rhbz1774066 2.0.0-19gitd1c6db8 - Reenabled webp support on little endian archs. 2.0.0-18gitd1c6db8 - Disabled webp support on ppc64le due to 962091 and 1127230. - Updated URL. 2.0.0-17gitd1c6d...
SUSE SLED12 / SLES12 Security Update : libseccomp (SUSE-SU-2019:2941-1)
This update for libseccomp fixes the following issues : Update to new upstream release 2.4.1 : Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. Updated to 2.4.0 bsc1128828 CVE-2019-9893: Update the syscall table for Linux v5.0-rc5 Added support for the...