Astra Linux - уязвимость в edk2

EDK2 is vulnerable to a vulnerability in the Tcg2MeasurePeImage function, which allows a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in compromises of confidentiality, integrity, and/or availability...

Astra Linux - уязвимость в xorg-server

A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...

JLSEC-2026-514

An uncontrolled resource consumption memory leak flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp. This issue causes a client that connects to multiple malicious or compromised servers to crash. The highest threat from this vulnerability is to system availability...

OPENSUSE-SU-2026:10825-1 kernel-devel-7.0.9-1.1 on GA media

These are all security issues fixed in the kernel-devel-7.0.9-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10819-1 cockpit-361-1.1 on GA media

These are all security issues fixed in the cockpit-361-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10829-1 python311-idna-3.15-1.1 on GA media

These are all security issues fixed in the python311-idna-3.15-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-42134

Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions prior to 1.25.1 Description An issue exists when handling replies with very large RRsets Resource Record sets that require name compression. Malicious upstream responses containing very large RRsets with records tha...

OPENSUSE-SU-2026:10830-1 trivy-0.70.0-2.1 on GA media

These are all security issues fixed in the trivy-0.70.0-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10821-1 dnsmasq-2.92rel2-1.1 on GA media

These are all security issues fixed in the dnsmasq-2.92rel2-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10827-1 oci-cli-3.83.0-1.1 on GA media

These are all security issues fixed in the oci-cli-3.83.0-1.1 package on the GA media of openSUSE Tumbleweed...

ROS-20260520-73-0002

A vulnerability in the Skia graphics library of the Google Chrome and Microsoft Edge browsers is related to writing outside of buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected...

OPENSUSE-SU-2026:10823-1 helm-4.2.0-2.1 on GA media

These are all security issues fixed in the helm-4.2.0-2.1 package on the GA media of openSUSE Tumbleweed...

ROS-20260520-73-0046

A vulnerability in the ANGLE library of Google Chrome browser is related to integer overflow. Exploitation of the vulnerability could allow a remote attacker to compromise the confidentiality, integrity and availability of protected information...

OPENSUSE-SU-2026:10826-1 libzypp-17.38.9-1.1 on GA media

These are all security issues fixed in the libzypp-17.38.9-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10822-1 hauler-1.4.3-2.1 on GA media

These are all security issues fixed in the hauler-1.4.3-2.1 package on the GA media of openSUSE Tumbleweed...

ROS-20260520-73-0007

A vulnerability in the WebGL component of Google Chrome and Microsoft Edge browsers is related to reading outside of the allowed range in memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity and availability of protected...

firefox-esr-140.11.0-1.1 on GA media (moderate)

firefox-esr-140.11.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10813-1 Rating: moderate Cross-References: CVE-2026-8388 CVE-2026-8391 CVE-2026-8401 CVE-2026-8946 CVE-2026-8947 CVE-2026-8949 CVE-2026-8950 CVE-2026-8953 CVE-2026-8954 CVE-2026-8955 CVE-2026-8956 CVE-2026-8957 CVE-2026-8958...

OPENSUSE-SU-2026:10820-1 cups-2.4.19-2.1 on GA media

These are all security issues fixed in the cups-2.4.19-2.1 package on the GA media of openSUSE Tumbleweed...

edk2: EDK2: Improper Input Validation allows arbitrary command execution

A flaw was found in EDK2 EFI Development Kit 2. This vulnerability allows an attacker to cause arbitrary command execution and impact Confidentiality, Integrity, and Availability via improper input validation by local access...

OPENSUSE-SU-2026:10816-1 libpainter0-0.9.27-2.1 on GA media

These are all security issues fixed in the libpainter0-0.9.27-2.1 package on the GA media of openSUSE Tumbleweed...