Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992922)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992922 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2dumpomd value of ptr is increased by ciphkeylen inste...

PT-2025-54245

Name of the Vulnerable Software and Affected Versions SoX version 14.4.2 Description SoX version 14.4.2 contains a division by zero issue when processing WAV files, potentially leading to program crashes. An attacker can provide a crafted WAV file to trigger a floating point exception due to...

CVE-2025-67850

A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...

CVE-2024-58293

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject template payloads in items, taxes, transactions, and vendor name fields to perform arithmetic...

libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior,...

TencentOS Server 2: zlib (TSSA-2025:0468)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0468 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior,...

libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior,...

libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior,...

CVE-2025-40169 bpf: Reject negative offsets for ALU ops

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject negative offsets for ALU ops When verifying BPF programs, the checkaluop function validates instructions with ALU operations. The 'offset' field in these instructions is a signed 16-bit integer. The existing check...

CVE-2025-40169

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject negative offsets for ALU ops When verifying BPF programs, the checkaluop function validates instructions with ALU operations. The 'offset' field in these instructions is a signed 16-bit integer. The existing check...

CVE-2025-40169 bpf: Reject negative offsets for ALU ops

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject negative offsets for ALU ops When verifying BPF programs, the checkaluop function validates instructions with ALU operations. The 'offset' field in these instructions is a signed 16-bit integer. The existing check...

libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior,...

CLSA-2025-1762544268 rsync: Fix of CVE-2016-9840

CVE-2016-9840: fix improper pointer arithmetic in inftrees.c...

CLSA-2025-1762540366 rsync: Fix of CVE-2016-9840

CVE-2016-9840: fix improper pointer arithmetic in inftrees.c...

SUSE-SU-2025:3985-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic and process crash. bsc1252749...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic and process crash. bsc1252749 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ImageMagick (SUSE-SU-2025:3978-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3978-1 advisory. - CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic a...

SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2025:3956-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3956-1 advisory. - CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic and process...

SUSE-SU-2025:3978-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic and process crash. bsc1252749...