SUSE CVE-2026-27940

llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the ggufinitfromfileimpl in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread writes 528+ bytes of attacker-controlled data past the buffer boundary. This is...

Exploit for XML Entity Expansion in Cisco Secure_Endpoint

CVE-2023-20052 Exploit - Fixed Build Fixed Docker build for C...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : postgresql16 (SUSE-SU-2025:4388-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4388-1 advisory. Upgraded to 16.11: - CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : postgresql17, postgresql18 (SUSE-SU-2025:4363-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4363-1 advisory. Changes in postgresql18: - Fix build with uring for post SLE15 code streams. Update to 18.1:...

SUSE-SU-2025:4364-1 Security update for postgresql17, postgresql18

This update for postgresql17, postgresql18 fixes the following issues: Changes in postgresql18: - Fix build with uring for post SLE15 code streams. Update to 18.1: https://www.postgresql.org/about/news/p-3171/ https://www.postgresql.org/docs/release/18.1/ bsc1253332, CVE-2025-12817: Missing check...

SUSE-SU-2025:4363-1 Security update for postgresql17, postgresql18

This update for postgresql17, postgresql18 fixes the following issues: Changes in postgresql18: - Fix build with uring for post SLE15 code streams. Update to 18.1: https://www.postgresql.org/about/news/p-3171/ https://www.postgresql.org/docs/release/18.1/ bsc1253332, CVE-2025-12817: Missing check...

CLSA-2025-1764772111 jackson-modules-base: Fix of CVE-2025-52999

Rebuilt with the CVE-2025-52999: fixed jackson-core version - Fixed build: replaced missing packages with a patch for PackageVersion...

CLSA-2025-1764771605 jackson-jaxrs-providers: Fix of CVE-2025-52999

Rebuilt with the CVE-2025-52999: fixed jackson-core version - Fixed build: replaced missing packages with a patch for PackageVersion...

SUSE SLED15 / SLES15 Security Update : python313 (SUSE-SU-2025:4277-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4277-1 advisory. Update to 3.13.9: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars...

CVE-2025-62430

ClipBucket v5 is an open source video sharing platform. ClipBucket v5 through build 5.5.2 145 allows stored cross-site scripting XSS in multiple video and photo metadata fields. For videos the Tags field and the Genre, Actors, Producer, Executive Producer, and Director fields in Movieinfos accept...

CLSA-2025-1760689151 Update of java-11-openjdk

Fix build...

Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: Fixed GCC 15 compile time error bsc1241938 Fix building with containerd 1.7.25+ bsc1237147 Full changelog:...

Security update for podman

This update for podman fixes the following issues: CVE-2023-45288: Fixed closing connection when receiving too many headers bsc1236507. CVE-2024-11218: Fixed container breakout by using --jobs=2 and a race condition when building a malicious Containerfile bsc1236270. CVE-2025-22869: Fixed Denial ...

SUSE-SU-2025:20160-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. - CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server bsc1237041. Other bugfixes: - Fix ssh client segfault with...

SUSE SLES15 Security Update : qemu (SUSE-SU-2025:0692-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0692-1 advisory. - CVE-2024-8612: Fixed information leak in virtio devices bsc1230915. - CVE-2024-7409: Fixed denial of service via improper...

SUSE-SU-2025:0692-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2024-8612: Fixed information leak in virtio devices bsc1230915. - CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure bsc1229007. - CVE-2024-3447: Fixed heap buffer overflow in...

SUSE-SU-2025:0104-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.46.5 bsc1234851: Security fixes: - CVE-2024-54479: Processing maliciously crafted web content may lead to an unexpected process crash - CVE-2024-54502: Processing maliciously crafted web content may lead to an unexpected...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.46.5 bsc1234851: Security fixes: CVE-2024-54479: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-54502: Processing maliciously crafted web content may lead to an unexpected...

SUSE CVE-2024-45802

Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted...

UBUNTU-CVE-2024-46698

In the Linux kernel, the following vulnerability has been resolved: video/aperture: optionally match the device in sysfbdisable In apertureremoveconflictingpcidevices, we currently only call sysfbdisable on vga class devices. This leads to the following problem when the pimary device is not VGA...