OPENSUSE-SU-2025:15293-1 redis-8.0.2-1.1 on GA media
These are all security issues fixed in the redis-8.0.2-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15301-1 tomcat-9.0.106-1.1 on GA media
These are all security issues fixed in the tomcat-9.0.106-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15233-1 jq-1.8.1-1.1 on GA media
These are all security issues fixed in the jq-1.8.1-1.1 package on the GA media of openSUSE Tumbleweed...
The vulnerability of the set_device_language() function in the portal.cgi script of Linksys E8450 Wi-Fi router software allows a hacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the set_device_language function in the portal.cgi script of Linksys E8450 Wi-Fi routers is caused by an operation that goes outside the bounds of a memory buffer when processing the dutlanguage parameter. Exploiting this vulnerability allows an attacker to compromise th...
The vulnerability of the SetDefaultConnectionService() function in the firmware of routers such as Linksys WRT1900ACS, EA7200, EA7450, and EA7500 allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the SetDefaultConnectionService function in the firmware of routers such as Linksys WRT1900ACS, EA7200, EA7450, and EA7500 is related to writing data outside the bounds of a memory buffer when processing the NewDefaultConnectionService parameter...
mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled
A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...
ROS-20250630-10
A vulnerability in the BeanIntrospector class of the Apache Commons Beanutils utility is related to the recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality,...
Denial Of Service (DoS)
github.com/hashicorp/vault is vulnerable to Denial of Service (DoS). The vulnerability is due to uncontrolled cancellation during rekey and recovery key operations by a Vault operator, which allows an attacker to disrupt service availability...
The vulnerability of Mozilla Firefox and Firefox ESR browsers on the macOS operating system arises from insufficient data validation. This allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of Mozilla Firefox and Firefox ESR browsers on the macOS operating system is related to insufficient validation of data authenticity. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of protected information...
KLA85385 DoS vulnerability in Google Chrome
A type confusion vulnerability was found in Google Chrome. Malicious users can exploit this vulnerability to cause denial of service. Original advisories: Stable Channel Update for Desktop. Exploitation: Public exploits exist for this vulnerability. Related products: Google-Chrome. CVE list: CVE-2025-655...
Dell OpenManage Network Integration Security Vulnerability
Dell OpenManage Network Integration is a set of system management tools provided by Dell for integrating third-party management platforms such as PowerEdge servers, VMware vCenter, and others. An authentication vulnerability exists in Dell OpenManage Network Integration that originates from an...
Security Bulletin: IBM Cognos Transformer is affected by vulnerabilities in IBM® Java™
Summary: There are vulnerabilities in IBM® Java™ Version 8 used by IBM Cognos Transformer. Vulnerability Details: CVEID: CVE-2024-21131. DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low integrity impact. CVSS Source: IBM X-For...
Pre-School Enrollment System check_availability.php File SQL Injection Vulnerability
Pre-School Enrollment System is a web-based preschool enrollment system. The Pre-School Enrollment System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in the file /admin/checkavailability.ph...
Imagination GPU Driver Security Vulnerability
Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that stems from the possibility that Guest VMs may make improper GPU system calls, which could result in the GPU being unavailable to other Guests...
SUSE SLES15 Security Update : libjxl (SUSE-SU-2025:01883-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01883-1 advisory. - CVE-2024-11403: Fix out of bounds memory read/write in libjxl bsc1233768. Tenable has extracted the preceding description block directly from the SU...
UBUNTU-CVE-2025-52555
Ceph is a distributed object, block, and file storage platform. In versions 17.2.7, 18.2.1 through 18.2.4, and 19.0.0 through 19.2.2, an unprivileged user can escalate to root privileges in a ceph-fuse mounted CephFS by chmod 777 a directory owned by root to gain access. The result of this is tha...
CVE-2025-52555 CephFS Permission Escalation Vulnerability in Ceph Fuse mounted FS
Ceph is a distributed object, block, and file storage platform. In versions 17.2.7, 18.2.1 through 18.2.4, and 19.0.0 through 19.2.2, an unprivileged user can escalate to root privileges in a ceph-fuse mounted CephFS by chmod 777 a directory owned by root to gain access. The result of this is tha...
CVE-2025-52555
Ceph CephFS vulnerability CVE-2025-52555 affects Ceph versions 17.2.7, 18.2.1–18.2.4, and 19.0.0–19.2.2 where an unprivileged user can escalate to root by chmod 777 a directory owned by root on a ceph-fuse mounted CephFS. The attacker gains read/write/execute access to any root-owned directory, i...
PT-2025-27012
Name of the Vulnerable Software and Affected Versions: Ceph versions 17.2.7, 18.2.1 through 18.2.4, 19.0.0 through 19.2.2 Description: Ceph is a distributed object, block, and file storage platform. An unprivileged user can escalate to root privileges in a ceph-fuse mounted CephFS by changing the...