OPENSUSE-SU-2025:15747-1 libeverest-3.6.5-1.1 on GA media

These are all security issues fixed in the libeverest-3.6.5-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15746-1 libvirt-11.9.0-2.1 on GA media

These are all security issues fixed in the libvirt-11.9.0-2.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-41346

Faulty authorization control in software WinPlus v24.11.27 by Informática del Este that allows another user to be impersonated simply by knowing their 'numerical ID', meaning that an attacker could compromise another user's account, thereby affecting the confidentiality, integrity, and availabili...

CVE-2025-41346 Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este

Faulty authorization control in software WinPlus v24.11.27 by Informática del Este that allows another user to be impersonated simply by knowing their 'numerical ID', meaning that an attacker could compromise another user's account, thereby affecting the confidentiality, integrity, and availabili...

CVE-2025-41346

Faulty authorization control in software WinPlus v24.11.27 by Informática del Este that allows another user to be impersonated simply by knowing their 'numerical ID', meaning that an attacker could compromise another user's account, thereby affecting the confidentiality, integrity, and availabili...

CVE-2025-41346

CVE-2025-41346 pertains to WinPlus v24.11.27 from Informática del Este, where faulty authorization control allows impersonation of another user by simply knowing the numerical ID. The issue affects confidentiality, integrity, and availability of data stored in the application. Connected sources c...

MozillaThunderbird-140.5.0-1.1 on GA media (moderate)

MozillaThunderbird-140.5.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15738-1 Rating: moderate Cross-References: CVE-2025-13012 CVE-2025-13013 CVE-2025-13014 CVE-2025-13015 CVE-2025-13016 CVE-2025-13017 CVE-2025-13018 CVE-2025-13019 CVE-2025-13020 CVSS scores: CVE-2025-13012 SUSE : 7.5...

This Week in Spring - November 18th, 2025

This Week in Spring - November 18th, 2025 Hi, Spring fans! I'm thrilled to be in New York City for an exciting week of joint presentations on Spring AI + Bedrock and Spring Boot with the legendary James Ward. First up: we'll present a workshop at the AI Native Dev Conf today, then speak at the...

OPENSUSE-SU-2025:15741-1 libIex-3_4-33-3.4.3-1.1 on GA media

These are all security issues fixed in the libIex-34-33-3.4.3-1.1 package on the GA media of openSUSE Tumbleweed...

kernel: wifi: cfg80211: fix use-after-free in cmp_bss()

A use after free vulnerbility exists in the linux kernel wifi module in the cmpbss function,an attacker could create a crafted payload to trigger, leading to damage availability and integrity of the system...

OPENSUSE-SU-2025:15739-1 itextpdf-5.5.13.4-1.1 on GA media

These are all security issues fixed in the itextpdf-5.5.13.4-1.1 package on the GA media of openSUSE Tumbleweed...

ROS-20251117-08

Vulnerability of the ksmbdexpiresession function in the fs/smb/server/mgmt/usersession.c module of the in-core CIFS/SMB3 ksmbd server kernel of the Linux operating system is related to reuse of previously of previously freed memory. Exploitation of the vulnerability could allow an attacker to...

ROS-20251117-04

A vulnerability in the LXD container and lightweight virtual machine management system is related to redundant API data output. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information The vulnerability in the LXD container and...

HSEC-2024-0008 Sign extension error in the PPC64le FFI

Sign extension error in the PPC64le FFI Numeric arguments of FFI call on the PPC64le backend may result in incorrect runtime values. For the most part, this bug only causes availability and data integrity issues. However, in some circumstances, it may result in other, more complicated security...

HSEC-2025-0001 Subword division operations may produce incorrect results

Subword division operations may produce incorrect results Arithmetic operations may produce incorrect results when compiled with optimizations. For the most part, this bug only causes availability and data integrity issues. However, in some circumstances, it may result in other, more complicated...

OPENSUSE-SU-2025:15737-1 teleport-17.7.10-1.1 on GA media

These are all security issues fixed in the teleport-17.7.10-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15735-1 MozillaFirefox-145.0-1.1 on GA media

These are all security issues fixed in the MozillaFirefox-145.0-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-30185

Active debug code for some Intel UEFI reference platforms within Ring 0: Kernel may allow a denial of service and escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable data alteration. This result may potentially occur via local...

CVE-2025-65001

Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability...

weblate-5.14.3-1.1 on GA media (moderate)

weblate-5.14.3-1.1 on GA media Announcement ID: openSUSE-SU-2025:15733-1 Rating: moderate Cross-References: CVE-2025-64326 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the weblate-5.14.3-1....