Security update for golang-github-prometheus-alertmanager

This update for golang-github-prometheus-alertmanager fixes the following issues: Update to version 0.28.1 jscPED-13285: Improved performance of inhibition rules when using Equal labels. Improve the documentation on escaping in UTF-8 matchers. Update alertmanagerconfighash metric help to document...

CVE-2025-50080

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2025-24071PoC CVE-2025-24071: NTLM Hash Leak via RAR/ZIP...

CVE-2025-38148

In the Linux kernel, the following vulnerability has been resolved: net: phy: mscc: Fix memory leak when using one step timestamping Fix memory leak when running one-step timestamping. When running one-step sync timestamping, the HW is configured to insert the TX time into the frame, so there is ...

CVE-2024-12150

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eron Software Wowwo CRM allows Blind SQL Injection. This issue affects Wowwo CRM. NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will...

CVE-2024-12143 SQLi in Mobilteg Mobile Informatics' Mikro Hand Terminal - MikroDB

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mobilteg Mobile Informatics Mikro Hand Terminal - MikroDB allows SQL Injection.This issue affects Mikro Hand Terminal - MikroDB. NOTE: The vendor did not inform about the completion of the fixing...

CVE-2025-38036

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Perform early GT MMIO initialization to read GMDID VFs need to communicate with the GuC to obtain the GMDID value and existing GuC functions used for that assume that the GT has it's MMIO members already setup. However...

CVE-2024-12137 Authentication Bypass in Elfatek Elektronics' ANKA JPD-00028

Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Session Hijacking. This issue affects ANKA JPD-00028: before V.01.01...

CVE-2025-23840

creationtimestamp| type| source ---|---|--- 2025-02-17 11:43:17+00:00| seen| https://infosec.exchange/users/cve/statuses/114019047659122558 2025-02-17 12:15:44+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3liepxwhkxx2i 2025-02-17 14:02:22+00:00| seen|...

CVE-2025-26755

creationtimestamp| type| source ---|---|--- 2025-02-16 22:59:13+00:00| seen| https://infosec.exchange/users/cve/statuses/114016043193338995 2025-02-16 23:16:10+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lidefxfb7u2g 2025-02-17 00:40:30+00:00| seen|...

CVE-2025-23419

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets...

CVE-2024-49843 Improper Validation of Array Index in Graphics_Linux

Memory corruption while processing IOCTL from user space to handle GPU AHB bus error...

Advisory ROSA-SA-2025-2636

software: audiofile 0.3.6 OS: ROSA-CHROME packageevrstring: audiofile-0.3.6 CVE-ID: CVE-2015-7747 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Buffer overflow vulnerability in audiofile allows an attacker to cause a denial of service or execute arbitrary code through a specially crafted audio file...

CVE-2017-13318

creationtimestamp| type| source ---|---|--- 2025-01-28 16:55:31+00:00| seen| https://infosec.exchange/users/cve/statuses/113907029155033344 2025-01-28 16:59:36+00:00| seen| https://infosec.exchange/users/cve/statuses/113907045199621991 2025-01-28 17:15:27+00:00| seen|...

CVE-2024-57885

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "sleeping function called from invalid context" warning when /sys/kernel/debug/kmemleak is printed under...

CVE-2024-56711

creationtimestamp| type| source ---|---|--- 2024-12-29 08:52:13+00:00| seen| https://infosec.exchange/users/cve/statuses/113735259410494399 2024-12-29 09:15:32+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3legolnuiyx2k 2024-12-29 10:41:11+00:00| seen|...

CVE-2024-45721

creationtimestamp| type| source ---|---|--- 2024-12-23 00:37:15+00:00| seen| https://infosec.exchange/users/cve/statuses/113699339277002170 2024-12-23 00:40:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113699351893849907 2024-12-23 01:15:32+00:00| seen|...

CVE-2024-12692

creationtimestamp| type| source ---|---|--- 2024-12-18 21:49:00+00:00| seen| https://infosec.exchange/users/cve/statuses/113676028499435854 2024-12-18 22:16:24+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113676136226017385 2024-12-18 23:44:26+00:00| seen|...

CVE-2024-49063

creationtimestamp| type| source ---|---|--- 2024-12-10 17:33:56+00:00| seen| https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review 2024-12-10 18:07:25+00:00| seen| https://infosec.exchange/users/cve/statuses/113629858660025338 2025-01-15 01:10:23+00:00| seen|...

CVE-2024-54214

creationtimestamp| type| source ---|---|--- 2024-12-06 15:35:37+00:00| seen| https://infosec.exchange/users/cve/statuses/113606612446490248 2024-12-06 16:27:18+00:00| seen| https://t.me/cvedetector/12212...