Onlook 安全漏洞

Onlook is a source code visual editing tool from the Onlook open source. A security vulnerability exists in Onlook version 0.2.32, which stems from the API not validating the ownership or membership of the current authenticated user for the requested item ID, potentially resulting in compromised...

OPENSUSE-SU-2025:15709-1 google-osconfig-agent-20251028.00-1.1 on GA media

These are all security issues fixed in the google-osconfig-agent-20251028.00-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15711-1 opentofu-1.10.7-1.1 on GA media

These are all security issues fixed in the opentofu-1.10.7-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15715-1 squid-7.3-1.1 on GA media

These are all security issues fixed in the squid-7.3-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15719-1 xen-4.20.1_08-1.1 on GA media

These are all security issues fixed in the xen-4.20.108-1.1 package on the GA media of openSUSE Tumbleweed...

kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()

A null pointer dereference exists in the linux kernel such that in objstockflushrequired:stock-cachedobjcg can be reset between the check and dereference, resulting in damage to the availability of the system...

OPENSUSE-SU-2025:15706-1 erlang-28.1.1-1.1 on GA media

These are all security issues fixed in the erlang-28.1.1-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15705-1 runc-1.3.3-1.1 on GA media

These are all security issues fixed in the runc-1.3.3-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-8558

Insider Threat Management ITM Server versions prior to 7.17.2 contain an authentication bypass vulnerability that allows unauthenticated users on an adjacent network to perform agent unregistration when the number of registered agents exceeds the licensed limit. Successful exploitation prevents t...

OPENSUSE-SU-2025:15702-1 kernel-devel-6.17.7-1.1 on GA media

These are all security issues fixed in the kernel-devel-6.17.7-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15701-1 java-1_8_0-openjdk-1.8.0.472-1.1 on GA media

These are all security issues fixed in the java-180-openjdk-1.8.0.472-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-8558

Insider Threat Management ITM Server versions prior to 7.17.2 contain an authentication bypass vulnerability that allows unauthenticated users on an adjacent network to perform agent unregistration when the number of registered agents exceeds the licensed limit. Successful exploitation prevents t...

CVE-2025-8558

Insider Threat Management ITM Server versions prior to 7.17.2 contain an authentication bypass vulnerability that allows unauthenticated users on an adjacent network to perform agent unregistration when the number of registered agents exceeds the licensed limit. Successful exploitation prevents t...

CVE-2025-8558

The CVE-2025-8558 entry concerns Proofpoint’s Insider Threat Management (ITM) Server. Affected software: ITM Server versions prior to 7.17.2. Vulnerable component/condition: an authentication bypass that allows an unauthenticated adversary on an adjacent network to unregister agents when the numb...

CVE-2025-8558

Insider Threat Management ITM Server versions prior to 7.17.2 contain an authentication bypass vulnerability that allows unauthenticated users on an adjacent network to perform agent unregistration when the number of registered agents exceeds the licensed limit. Successful exploitation prevents t...

OPENSUSE-SU-2025:15697-1 kumactl-2.12.3-1.1 on GA media

These are all security issues fixed in the kumactl-2.12.3-1.1 package on the GA media of openSUSE Tumbleweed...

Astra Linux – Vulnerability in PHP 8.2

In PHP versions 8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, and 8.4. before 8.4.10, when parsing XML data in SOAP extensions, overly large 2Gb XML namespace prefixes may lead to null pointer dereferencing. This can result in crashes and affect the availability of the target server...

strongswan-6.0.3-1.1 on GA media (moderate)

strongswan-6.0.3-1.1 on GA media Announcement ID: openSUSE-SU-2025:15681-1 Rating: moderate Cross-References: CVE-2025-62291 CVSS scores: CVE-2025-62291 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now b...

java-25-openj9-25.0.1.0-1.1 on GA media (moderate)

java-25-openj9-25.0.1.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15694-1 Rating: moderate Cross-References: CVE-2025-53057 CVE-2025-61748 CVSS scores: CVE-2025-53057 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2025-53057 SUSE : 8.2...

AMD Graphics August 2025 Security Update

AMD has informed HP of potential vulnerabilities in some AMD Graphics components, which might lead to loss of confidentiality, loss of integrity, loss of availability, system crash, arbitrary writes, out of bounds read, or denial of service. AMD is releasing software updates to mitigate the...