40 matches found
OPENSUSE-SU-2026:21333-1 Security update for nasm
This update for nasm fixes the following issues - CVE-2026-6067: heap buffer overflow vulnerability due to a lack of bounds checking in the objdirective function bsc1261986. - CVE-2026-6068: heap use after free vulnerability in response file processing bsc1261985. Changes for nasm: - Update to...
SUSE SLES12: clamav / clamav-devel / clamav-docs-html / clamav-milter / etc (SUSE-SU-2026:2833-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2833-1 advisory. This update for clamav fixes the following issues - CVE-2026-20213: PE file format parser could allow an unauthenticated, remote attacker to...
OPENSUSE-SU-2026:21179-1 Security update for lrzip
This update for lrzip fixes the following issues: Changes in lrzip: - Update to version 0.660: Do not clean up thread structures in decompression failure conditions, fixing a use-after-free in lzmadecompressbuf and a NULL pointer dereference in ucompthread on corrupt/malicious archives...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.52.1. Security issues fixed: CVE-2026-20643: processing maliciously crafted web content may bypass Same Origin Policy bsc1261172. CVE-2026-20664: processing maliciously crafted web content may lead to an unexpected proces...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.52.1. Security issues fixed: CVE-2026-20643: processing maliciously crafted web content may bypass Same Origin Policy bsc1261172. CVE-2026-20664: processing maliciously crafted web content may lead to an unexpected proces...
OPENSUSE-SU-2026:20409-1 Security update for harfbuzz
This update for harfbuzz fixes the following issues: Update to version 11.4.5: Security fixes: - CVE-2026-22693: Fixed a NULL pointer dereference in SubtableUnicodesCache::create bsc1256459. Other fixes: - Bug fixes for “AAT” shaping, and other shaping micro optimizations. - Fix a shaping...
OPENSUSE-SU-2026:20199-1 Security update for micropython
This update for micropython fixes the following issues: Changes in micropython: - CVE-2026-1998: Fixed segmentation fault in mpmaplookup via mpimportall bsc1257803. - Version 1.26.1 esp32: update esptinyusb component to v1.7.6 tools: add an environment variable MICROPYMAINTAINERBUILD esp32: add I...
CVE-2025-66277 QTS, QuTS hero
A link following vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3350 build...
SUSE-SU-2026:20096-1 Security update for cargo-c
This update for cargo-c fixes the following issues: - CVE-2025-4574: crossbeam-channel: Fixed double-free on drop in Channel::discardallmessages bsc1243179 - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249012 - CVE-2024-12224: idna: Fixed improper validation of Punycode labels...
Qnap QTS and QuTs hero Improper Neutralization of Input During Web Page Generation (CVE-2023-32969)
A cross-site scripting XSS vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QuTScloud c5.1.5.2651...
Qnap QTS and QuTS hero Improper Neutralization of Special Elements used in an SQL Command (CVE-2025-62849)
An SQL injection vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297 build 20251024 and...
OPENSUSE-SU-2025:20049-1 Security update for tiff
This update for tiff fixes the following issues: tiff was updated to 4.7.1: Software configuration changes: Define HAVEJPEGTURBODUALMODE812 and LERCSTATIC in tifconfig.h. CMake: define WORDSBIGENDIAN via tifconfig.h doc/CMakeLists.txt: remove useless cmakeminimumrequired CMake: fix build with...
Fedora 43 : singularity-ce (2025-a6641a44f2)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a6641a44f2 advisory. Upgrade to 4.3.4 upstream version. Go 1.25.2 for build fixes multiple go CVEs. BZ2408346 BZ2408744 BZ2409819 BZ2410769 BZ2411665 Tenable has extract...
SUSE SLES15 Security Update : openssl-1_1-livepatches (SUSE-SU-2025:03632-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03632-1 advisory. - Add livepatch for CVE-2025-9230 bsc1250410. - Use strong externalization for ssl3setupreadbuffer and ssl3releasereadbuffer - Use strong...
Security update for openssl-1_1-livepatches
This update for openssl-11-livepatches fixes the following issues: Add livepatch for CVE-2025-9230 bsc1250410. Use strong externalization for ssl3setupreadbuffer and ssl3releasereadbuffer Use strong externalization for osslstatemfatal. Add livepatch for CVE-2024-4741 bsc1225552. Drop trigger rule...
SUSE-SU-2025:03632-1 Security update for openssl-1_1-livepatches
This update for openssl-11-livepatches fixes the following issues: - Add livepatch for CVE-2025-9230 bsc1250410. - Use strong externalization for ssl3setupreadbuffer and ssl3releasereadbuffer - Use strong externalization for osslstatemfatal. - Add livepatch for CVE-2024-4741 bsc1225552. - Drop...
Security update for cairo
This update for cairo fixes the following issues: CVE-2025-50422: Fixed Poppler crash on malformed input bsc1247589 Update to version 1.18.4: The dependency on LZO has been made optional through a build time configuration toggle. You can build Cairo against a Freetype installation that does not...
SUSE-SU-2025:02770-1 Security update for tiff
This update for tiff fixes the following issues: - Updated TIFFMergeFieldInfo with readcount=writecount=0 for FIELDIGNORE bsc1243503 - CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c bsc1247108 - CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow when...
SUSE-SU-2024:1451-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: - CVE-2024-21011: Fixed denial of service due to long Exception message logging JDK-8319851,bsc1222979 - CVE-2024-21068: Fixed integer overflow in C1 compiler address generation JDK-8322122,bsc1222983 - CVE-2024-21085: Fixed Pack200...
SUSE-SU-2023:2294-1 Security update for rmt-server
This update for rmt-server fixes the following issues: Updated to version 2.13: - CVE-2023-28120: Fixed a potential XSS issue in an embedded dependency bsc1209507. - CVE-2023-27530: Fixed a denial of service issue in multipart request parsing bsc1209096. Non-security fixes: - Fixed transactional...