OESA-2025-2545 qt5-qtbase security update

Qt is a software toolkit for developing applications. Security Fixes: An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that...

btrfs: do not assert we found block group item when creating free space tree

...

EUVD-2025-36978

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not assert we found block group item when creating free space tree Currently, when building a free space tree at populatefreespacetree, if we are not using the block group tree feature, we always expect to find block...

CVE-2025-40100

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not assert we found block group item when creating free space tree Currently, when building a free space tree at populatefreespacetree, if we are not using the block group tree feature, we always expect to find block...

CVE-2025-40100

The CVE-2025-40100 issue is in the Linux kernel, specifically the Btrfs code path used when building the free space tree. The problem was an assertion in populate_free_space_tree() that assumed a block group item always exists in the extent tree when not using the block group tree feature. This c...

CVE-2025-40100 btrfs: do not assert we found block group item when creating free space tree

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not assert we found block group item when creating free space tree Currently, when building a free space tree at populatefreespacetree, if we are not using the block group tree feature, we always expect to find block...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling the empty block group case, which could lead to an assertion failure...

CVE-2025-64131

CVE-2025-64131 concerns the Jenkins SAML Plugin (versions up to 4.583.vc68232f7018a_ and earlier) not implementing a replay cache for SAML authentication flow. The absence of a replay cache allows an attacker who can observe the SAML exchange to replay requests and authenticate as the target user...

Security update for cmake

This update for cmake fixes the following issues: CVE-2025-9301: Fixed assertion failure due to improper validation bsc1248461 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

CVE-2025-50055

Cross-site scripting XSS vulnerability in the SAML Authentication module in OpenVPN Access Server version 2.14.0 through 2.14.3 allows configured remote SAML Assertion Consumer Service ACS endpoint servers to inject arbitrary web script or HTML via the RelayState parameter...

CVE-2025-50055

Cross-site scripting XSS vulnerability in the SAML Authentication module in OpenVPN Access Server version 2.14.0 through 2.14.3 allows configured remote SAML Assertion Consumer Service ACS endpoint servers to inject arbitrary web script or HTML via the RelayState parameter...

CVE-2025-50055

OpenVPN Access Server 2.14.0–2.14.3 exposes an XSS vulnerability in the SAML Authentication module via the RelayState parameter. The issue allows an attacker-controlled RelayState to inject arbitrary script/HTML, potentially leading to client-side impact. The CVE description in official records n...

CVE-2025-41067

Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. An SBI request that deletes the NRF's own registry causes a check that ends up crashing the NRF process and renders the discovery service unavailable...

CVE-2025-41067 Reachable Assertion vulnerability in Open5GS

Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. An SBI request that deletes the NRF's own registry causes a check that ends up crashing the NRF process and renders the discovery service unavailable...

EUVD-2025-36180

Reachable Assertion vulnerability in Open5GS up to version 2.7.5 allows attackers with connectivity to the NRF to cause a denial of service. An SBI request that deletes the NRF's own registry causes a check that ends up crashing the NRF process and renders the discovery service unavailable...

CVE-2025-41067

CVE-2025-41067 affects Open5GS NRF (Network Repository Function) up to version 2.7.6. A reachable assertion can be triggered by an SBI request that deletes the NRF’s own registry, crashing the NRF process and rendering the discovery service unavailable (DoS). A PoC exploit for this vulnerability ...

Open5GS 安全漏洞

Open5GS is an Open5GS open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.5 and earlier, which stems from a reachable assertion issue that could lead to a denial-of-service attack...

NewStart CGSL MAIN 7.02 : qemu Multiple Vulnerabilities (NS-SA-2025-0248)

The remote NewStart CGSL host, running version MAIN 7.02, has qemu packages installed that are affected by multiple vulnerabilities: - A flaw was found in QEMU. An assertion failure was present in the updatesctpchecksum function in hw/net/nettxpkt.c when trying to calculate the checksum of a...

Security Bulletin: multiple vulerability in IBM Spectrum Symphony with ISC BIND

Summary multiple vulerability in IBM Spectrum Symphony with ISC BIND Vulnerability Details CVEID:CVE-2023-4408 DESCRIPTION: The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queri...

EUVD-2022-55656

In the Linux kernel, the following vulnerability has been resolved: ASoC: audio-graph-card: fix refcount leak of cpuep in graphforeachlink The ofgetnextchild returns a node with refcount incremented, and decrements the refcount of prev. So in the error path of the while loop, ofnodeput needs be...