CVE-2025-64504

Langfuse is an open source large language model engineering platform. Starting in version 2.70.0 and prior to versions 2.95.11 and 3.124.1, in certain project membership APIs, the server trusted a user‑controlled orgId and used it in authorization checks. As a result, any authenticated user on th...

PT-2025-39386

Name of the Vulnerable Software and Affected Versions Project Gardener versions prior to 1.64.0 AWS providers Project Gardener versions prior to 1.55.0 Azure providers Project Gardener versions prior to 1.49.0 OpenStack providers Project Gardener versions prior to 1.46.0 GCP providers Description...

Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: CVE-2024-45339: github.com/golang/glog: a privileged process' log file path can be easily predicted and used to overwrite other sensitive files in a system. bsc1236560 Patch Instructions: To install this SUSE update use the SUSE...

DEBIAN-CVE-2024-22412

ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access controls and the policies being enforced on roles...