SUSE-SU-2025:20132-1 Security update for pam_u2f

This update for pamu2f fixes the following issues: - update to 1.3.2: Relax authfile permission check to a warning instead of an error to prevent a breaking change locking existing users out of their systems. - update to 1.3.1: CVE-2025-23013: Fixed problematic PAMIGNORE return values in...

Security update for pam_u2f

This update for pamu2f fixes the following issues: update to 1.3.2: Relax authfile permission check to a warning instead of an error to prevent a breaking change locking existing users out of their systems. update to 1.3.1: CVE-2025-23013: Fixed problematic PAMIGNORE return values in...

Linux Distros Unpatched Vulnerability : CVE-2018-5741

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - To provide fine-grained controls over the ability to use Dynamic DNS DDNS to update records in a zone, BIND 9 provides a feature called update-policy. Various...

CVE-2023-5676

creationtimestamp| type| source ---|---|--- 2025-03-03 15:40:30+00:00| seen| https://gist.github.com/juank704/8c144f4ae0004f19892c23b19deca658...

CVE-2025-21768

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels Some lwtunnels have a dst cache for post-transformation dst. If the packet destination did not change we may end up recording a reference to the lwtunnel in its own...

SUSE-SU-2025:0719-1 Recommended update for Maven

This update for Maven fixes the following issues: maven-dependency-analyzer was updated from version 1.13.2 to 1.15.1: - Key changes across versions: Bug fixes and improved support of dynamic types Dependency upgrades ASM, Maven core, and notably the removal of commons-io Improved error handling ...

CVE-2022-49611

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...

CVE-2022-49468

In the Linux kernel, the following vulnerability has been resolved: thermal/core: Fix memory leak in thermalcoolingdeviceregister I got memory leak as follows when doing fault injection test: unreferenced object 0xffff888010080000 size 264312: comm "182", pid 102533, jiffies 4296434960 age 10.100...

CVE-2022-49688

In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afsgetattr consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to access, and thus an oop...

CVE-2022-49611

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...

CVE-2022-49611

The CVE-2022-49611 entry refers to a Linux kernel x86 speculation mitigation: Fill RSB on vmexit for IBRS to prevent RSB underflow/poisoning. The description notes mitigation is implemented in the kernel and documents tribal knowledge about RSB attacks. Connected Nessus/OpenVAS entries for EulerO...

CVE-2025-26601

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...

GHSA-4G99-G84M-JR5M vulnerabilities

Vulnerabilities for packages: mysql...

GHSA-87C6-F68M-3J78 vulnerabilities

Vulnerabilities for packages: mysql...

openSUSE Security Advisory (SUSE-SU-2024:1801-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-26527

creationtimestamp| type| source ---|---|--- 2025-02-24 20:22:15+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5212 2025-02-24 22:08:32+00:00| seen| https://t.me/cvedetector/18824 2025-02-24 23:02:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lixhf53kgj2t...

CVE-2025-0690

creationtimestamp| type| source ---|---|--- 2025-02-24 08:21:08+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5132 2025-02-24 10:26:05+00:00| seen| https://t.me/cvedetector/18789 2025-02-24 10:47:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3liw6d56wio2s 2025-02-24...

Python 3.12 Documentation Cross Site Scripting

The official Python 3.12 documentation provides a code example that results in implementing insecure code susceptible to cross site scripting. Python's official documentation contains textbook example of insecure code XSS Date: 2025-02-18 Author: Georgi Guninski From the official Python 3.12...

[SECURITY] Fedora 41 Update: python3.11-3.11.11-5.fc41

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

[SECURITY] Fedora 41 Update: python3.10-3.10.16-5.fc41

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...