The vulnerability of Microsoft Edge browser (based on Chromium) relates to information representation errors in the user interface, allowing attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge based on Chromium is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...

The vulnerability of the Root Certificate Handler component of the software solution for secure remote access to data in Palo Alto Networks’ GlobalProtect App allows a malicious actor to escalate their privileges.

The vulnerability of the Root Certificate Handler component in the software for secure remote access to data in the Palo Alto Networks GlobalProtect App is related to errors in the certificate validation process. Exploiting this vulnerability can allow attackers to increase their privileges...

octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c

...

octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c

...

The vulnerability of the Opigno Learning path CMS system’s Drupal module lies in errors during the processing of input data during syntax analysis of code. This allows attackers to execute arbitrary code.

The vulnerability of the Opigno Learning path CMS system’s Drupal component is related to errors in data processing during syntax analysis of code. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Opigno’s Drupal CMS system lies in errors during the processing of input data during syntax analysis, allowing attackers to execute arbitrary code.

The vulnerability of Opigno’s Drupal CMS system is related to errors in data processing during syntax analysis of code. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Advisory ROSA-SA-2025-2631

software: libheif 1.12.0 WASP: ROSA-CHROME packageevrstring: libheif-1.12.0-4 CVE-ID: CVE-2021-36410 BDU-ID: 2023-01688 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the putepelhvfallback function of the fallback-motion.cc component of the h.265 Libde265 video codec implementation is related to...

SUSE CVE-2025-24389

Certain errors of the upstream libraries will insert sensitive information in the OTRS or OTRS Community Edition log mechanism and mails send to the system administrator. This issue affects: OTRS 7.0.X OTRS 8.0.X OTRS 2023.X OTRS 2024.X OTRS Community Edition: 6.0.x Products based on the OTRS...

The vulnerability of the nf_tables component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the nftables component in the Linux operating system’s kernel is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Linux operating system’s kernel, related to errors in resource release, allows a attacker to trigger a Denial-of-Service attack.

The vulnerability of the Linux operating system’s kernel is related to errors during resource release. Exploiting this vulnerability can allow an attacker to trigger a Denial-of-Service attack...

ROS-20250128-05

Vulnerability of the library for processing XML and HTML Lxml markup is related to pointer dereferencing errors NULL in the iterwalk function. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

The vulnerability of the Linux operating system’s kernel, related to pointer arithmetic errors, allows a hacker to trigger a service failure.

The vulnerability of the Linux operating system’s kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Linux operating system’s kernel, related to errors in thread locking, allows a hacker to trigger a service failure.

The vulnerability of the Linux operating system’s kernel is related to errors during thread blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the devm_kzalloc function in the pcmdevice_i2c_probe component of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the devmkzalloc function in the pcmdevicei2cprobe component of the Linux kernel is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a system failure...

SUSE-SU-2025:0254-1 Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: - CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie bsc1229275. - CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. - CVE-2024-50264:...

SUSE-SU-2025:0255-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. - CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781. ...

Advisory ROSA-SA-2025-2572

software: squid 5.10 OS: ROSA-CHROME packageevrstring: squid-5.10-1 CVE-ID: CVE-2024-45802 BDU-ID: 2024-08860 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to input processing errors. Exploitation of the vulnerability could allow an attacker acting remotely to cau...

Unbreakable Enterprise kernel security update

5.15.0-304.171.4.3 - NFSD: Limit the number of concurrent async COPY operations Chuck Lever Orabug: 37516381 CVE-2024-49974 - NFSD: Async COPY result needs to return a write verifier Chuck Lever Orabug: 37516381 CVE-2024-49974 - security/keys: fix slab-out-of-bounds in keytaskpermission Chen Rido...

ROS-20250127-03

A vulnerability in the drm/lima components of the Linux operating system kernel is related to incorrect calculation in the virtualncidevwrite function in drivers/nfc/virtualncidev.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in an x8...

Microsoft Edge’s vulnerability related to access control errors allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge is related to access control errors. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...