Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.63 bug fix and security update
Red Hat OpenShift Container Platform release 4.16.63 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...
CVE-2026-32953 Tillitis: TKey Client has an Error in Protocol Implementation
Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets (USS) to be silently ignored, producing the same Compound Device Identifier (CDI)—and thus the same key...
MGASA-2025-0242 Updated haproxy packages fix security vulnerability & bugs
Haproxy has a critical, a major, a few medium and a few minor bugs fixed in the last upstream version 2.8.16 of branch 2.8. Fixed critical bug list: - mjson: fix possible DoS when parsing numbers Fixed major bug list: - listeners: transfer connection accounting when switching listeners Fixed medium...
Updated haproxy packages fix security vulnerability & bugs
Haproxy has a critical, a major, a few medium and a few minor bugs fixed in the last upstream version 2.8.16 of branch 2.8. Fixed critical bug list: - mjson: fix possible DoS when parsing numbers Fixed major bug list: - listeners: transfer connection accounting when switching listeners Fixed medium...
EUVD-2024-48064
Malicious code in bioql PyPI...
EUVD-2025-15629
Malicious code in bioql PyPI...
Important: Red Hat Security Advisory: postgresql:15 security update
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
CVE-2023-53056 scsi: qla2xxx: Synchronize the IOCB count to be in order
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Synchronize the IOCB count to be in order A system hang was observed with the following call trace: BUG: kernel NULL pointer dereference, address: 0000000000000000 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 15...
PT-2025-17866 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A critical bug in the Rust-Miniscript satisfier causes crashes when compiling certain threshold descriptors, such as 3-of-3 with mixed conditions. No funds were lost due to this issue...
Linux Distros Unpatched Vulnerability : CVE-2024-53170
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blk_mq_clear_flush_rq_mapping() is not called duri...
GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access
GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487, carries a CVSS score of 9.5 out of a maximum of 10.0. "An attacker could bypass SAML...
DEBIAN-CVE-2024-47665
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup Definitely condition dma_get_cache_alignment() defined value 256 during driver initialization is not reason to BUG_ON(). Turn that to graceful error out with -EINVAL...
Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.2 security update
An update is now available for Red Hat OpenShift GitOps v1.12.2 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...
Medium: c-ares
Issue Overview: c-ares is a C library for asynchronous DNS requests. ares__read_line() is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.328.3.el8 - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD Mark Zhang Orabug: 36143228 - KSPLICE: make sure the stack is zeroed. Gregory Herrero Orabug: 36154654 - sched/fair: Fix tg-load when offlining a CPU Vincent Guittot Orabug: 36185207 - i2c: core: Fix atomic...
Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers
A critical security vulnerability in the JetBrains TeamCity continuous integration and continuous deployment (CI/CD) software could be exploited by unauthenticated attackers to achieve remote code execution on affected systems. The flaw, tracked as CVE-2023-42793, carries a CVSS score of 9.8 and ha...
Bug on e handling of excess ETH deposits
Lines of code Vulnerability details The StaderStakePoolsManager contract contains a critical bug that could lead to financial loss and system instability. The bug is related to the handling of excess ETH deposits and the calculation of available ETH for new deposits. Bug Description: In the...
VetoProposal: user can veto multiple times so every proposal can be vetoed by any user that has a small amount of votes
Lines of code Vulnerability details Impact The VetoProposal contract allows to veto proposals with the voteToVeto function. When the amount of votes collected to veto a proposal exceeds a certain threshold the passThresholdBps, which is determined upon initialization of the party, the proposal is...
Fortinet Warns of Active Exploitation of New SSL-VPN Pre-auth RCE Vulnerability
Fortinet on Monday issued emergency patches for a severe security flaw affecting its FortiOS SSL-VPN product that it said is being actively exploited in the wild. Tracked as CVE-2022-42475 (CVSS score: 9.3), the critical bug relates to a heap-based buffer overflow vulnerability that could allow an...
Latest on OpenSSL 3.0.7 Critical Bug & Security-Fix
Potential disruptions following vulnerabilities found in OpenSSL...