Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

RHEL 8 : webkit2gtk3 (RHSA-2026:10702)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:10702 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...

CVE-2021-41206

TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or CHECK-fail related crashes...

RHEL 8 : webkit2gtk3 (RHSA-2025:23969)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23969 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: webkitgtk: Use-after-free...

RHEL 8 : webkit2gtk3 (RHSA-2025:23967)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23967 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: webkitgtk: Use-after-free...

RHEL 9 : webkit2gtk3 (RHSA-2025:23972)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23972 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: webkitgtk: Use-after-free...

EUVD-2006-6742

Malware in sbrugna...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update ...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update ...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

MariaDB 10.5.0 < 10.5.29 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.5.29. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.5.29 advisory. - Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are...

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-44192 webkitgtk: A malicious website may exfiltrate data cross-origin CVE-2024-54467...

OSV-2024-1348 Heap-buffer-overflow in glslang::HlslGrammar::acceptDeclaration

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=382721848 Crash type: Heap-buffer-overflow READ 1 Crash state: glslang::HlslGrammar::acceptDeclaration glslang::HlslGrammar::acceptCompilationUnit glslang::HlslParseContext::parseShaderStrings...

ALSA-2023:6187 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.4.0 ESR. Security Fixes: Mozilla: Queued up rendering could have allowed websites to clickjack CVE-2023-5721 Mozilla: Memory safety bugs fixe...

OSV-2023-639 Heap-buffer-overflow in ucl_hash_destroy

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61062 Crash type: Heap-buffer-overflow READ 8 Crash state: uclhashdestroy uclobjectdtorunrefsingle uclobjectdtorunref...

SUSE-SU-2023:2211-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to version 102.11: - fixed: During Account Setup, the 'Checking password...' message was not removed after a failure bmo1826022 - fixed: Miscellaneous UI fixes bmo1827070 - fixed: Security fixes MFSA 2023-18 bsc1211175 -...

MGASA-2023-0157 Updated libxml2 packages fix security vulnerability

NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code...

SUSE-SU-2023:0206-1 Security update for ffmpeg

This update for ffmpeg fixes the following issues: - CVE-2022-3341: Fixed a potential crash when processing a crafted NUT stream bsc1206778. - CVE-2019-13390: Fixed a potential crash when processing a crafted AVI stream bsc1140754...

Medium: php71, php72, php73

Issue Overview: Function iconvmimedecodeheaders in PHP may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.CVE-2019-11039 When using gdImageCreateFromXbm function of PHP gd extension, it is possible to supply data that...

OPENSUSE-SU-2019:1108-1 Security update for wireshark

This update for wireshark to version 2.4.13 fixes the following issues: Security issues fixed: - CVE-2019-9214: Avoided a dereference of a null coversation which could make RPCAP dissector crash bsc1127367. - CVE-2019-9209: Fixed a buffer overflow in time values which could make ASN.1 BER and...