SUSE-SU-2025:0719-1 Recommended update for Maven

This update for Maven fixes the following issues: maven-dependency-analyzer was updated from version 1.13.2 to 1.15.1: - Key changes across versions: Bug fixes and improved support of dynamic types Dependency upgrades ASM, Maven core, and notably the removal of commons-io Improved error handling ...

CVE-2022-49611

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...

CVE-2022-49688

In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afsgetattr consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to access, and thus an oop...

CVE-2022-49468

In the Linux kernel, the following vulnerability has been resolved: thermal/core: Fix memory leak in thermalcoolingdeviceregister I got memory leak as follows when doing fault injection test: unreferenced object 0xffff888010080000 size 264312: comm "182", pid 102533, jiffies 4296434960 age 10.100...

CVE-2022-49611

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...

CVE-2022-49611

The CVE-2022-49611 entry refers to a Linux kernel x86 speculation mitigation: Fill RSB on vmexit for IBRS to prevent RSB underflow/poisoning. The description notes mitigation is implemented in the kernel and documents tribal knowledge about RSB attacks. Connected Nessus/OpenVAS entries for EulerO...

CVE-2025-26601

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...

GHSA-87C6-F68M-3J78 vulnerabilities

Vulnerabilities for packages: mysql...

GHSA-4G99-G84M-JR5M vulnerabilities

Vulnerabilities for packages: mysql...

openSUSE Security Advisory (SUSE-SU-2024:1801-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-26527

creationtimestamp| type| source ---|---|--- 2025-02-24 20:22:15+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5212 2025-02-24 22:08:32+00:00| seen| https://t.me/cvedetector/18824 2025-02-24 23:02:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lixhf53kgj2t...

CVE-2025-0690

creationtimestamp| type| source ---|---|--- 2025-02-24 08:21:08+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5132 2025-02-24 10:26:05+00:00| seen| https://t.me/cvedetector/18789 2025-02-24 10:47:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3liw6d56wio2s 2025-02-24...

Python 3.12 Documentation Cross Site Scripting

The official Python 3.12 documentation provides a code example that results in implementing insecure code susceptible to cross site scripting. Python's official documentation contains textbook example of insecure code XSS Date: 2025-02-18 Author: Georgi Guninski From the official Python 3.12...

[SECURITY] Fedora 41 Update: python3.10-3.10.16-5.fc41

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...

[SECURITY] Fedora 41 Update: python3.11-3.11.11-5.fc41

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use Kafka nodes are vulnerable to privilege escalation [CVE-2024-31141]

Summary The Apache Kafka client is used by IBM App Connect Enterprise Certified Container for the Kafka client nodes. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that run toolkit flows containing Kafka nodes are vulnerable to privilege...

CVE-2024-13783

creationtimestamp| type| source ---|---|--- 2025-02-18 11:15:54+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lih53tqlfz2g 2025-02-18 12:38:08+00:00| seen| https://t.me/cvedetector/18318 2025-02-18 13:56:45+00:00| seen|...

CLSA-2025-1739812242 Fix CVE(s): CVE-2024-3596

SECURITY UPDATE: Generate and verify message MACs in libkrad - debian/patches/CVE-2024-3596.patch: implement support for Message-Authenticator in libkrad - CVE-2024-3596 debian/control: add package Recommends to krb5-doc...

CLSA-2025-1739812201 Fix CVE(s): CVE-2024-3596

SECURITY UPDATE: Generate and verify message MACs in libkrad - debian/patches/CVE-2024-3596.patch: implement support for Message-Authenticator in libkrad - CVE-2024-3596 debian/control: add package Recommends to krb5-doc...

CVE-2025-26578

Cross-Site Request Forgery CSRF vulnerability in mathieuhays Simple Documentation client-documentation allows Stored XSS.This issue affects Simple Documentation: from n/a through = 1.2.8...