45 matches found
Security update for xen
This update for xen fixes the following issues: CVE-2025-27465: Fixed incorrect stubs exception handling for flags recovery XSA-470 bsc1244644 Fixed more AMD transient execution attacks XSA-471 bsc1246112 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
SUSE-SU-2025:02326-1 Security update for xen
This update for xen fixes the following issues: Security fixes: - CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection ITS XSA-469 bsc1243117 - CVE-2024-53241: Fixed Xen hypercall page unsafe against speculative attacks XSA-466 bsc1234282 - CVE-2025-1713: Fixed deadlock potential with VT-d...
Security update for xen
This update for xen fixes the following issues: CVE-2024-36350, CVE-2024-36357: More AMD transient execution attacks bsc1246112, XSA-471 CVE-2025-27465: Incorrect stubs exception handling for flags recovery bsc1244644, XSA-470 Patch Instructions: To install this SUSE update use the SUSE recommend...
SUSE-SU-2025:02319-1 Security update for xen
This update for xen fixes the following issues: - CVE-2024-36350, CVE-2024-36357: More AMD transient execution attacks bsc1246112, XSA-471 - CVE-2025-27465: Incorrect stubs exception handling for flags recovery bsc1244644, XSA-470...
SUSE-SU-2025:02316-1 Security update for xen
This update for xen fixes the following issues: - CVE-2024-36350, CVE-2024-36357: More AMD transient execution attacks bsc1246112, XSA-471 - CVE-2025-27465: Incorrect stubs exception handling for flags recovery bsc1244644, XSA-470...
CVE-2022-30063
ftcms <=2.1 was discovered to be vulnerable to code execution attacks...
CVE-2021-26822
Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks...
Alibaba Cloud Linux 3 : 0042: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2023:0042)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0042 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-33061: Insufficient control flow...
CVE-2024-56406 Perl is vulnerable to a heap buffer overflow when transliterating non-ASCII bytes
A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the tr operator, S_do_trans_invmap can overflow the destination...
Perl -- heap buffer overflow when transliterating non-ASCII bytes
9b29abf9-4ab0-4765-b253-1875cd9b441e reports: A heap buffer overflow vulnerability was discovered in Perl. When there are non-ASCII bytes in the left-hand-side of the tr operator, S_do_trans_invmap can overflow the destination pointer d. $ perl -e '$_ = "\xFF" x 1000000; tr/\xFF/\x{100}/;' Segmentation...
CVE-2025-27597
Vue I18n is the internationalization plugin for Vue.js. @intlify/message-resolver and @intlify/vue-i18n-core are vulnerable to Prototype Pollution through the entry function: handleFlatJson. An attacker can supply a payload with Object.prototype setter to introduce or modify properties within the...
Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel
Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems that could be exploited to read sensitive data from the memory. The exploit, called Native Branch History Injection BHI, can be used to leak arbitrary kernel...
Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk
A new security vulnerability has been discovered in AMD's Zen 2 architecture-based processors that could be exploited to extract sensitive data such as encryption keys and passwords. Discovered by Google Project Zero researcher Tavis Ormandy, the flaw – codenamed Zenbleed and tracked as...
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:2809-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2809-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were...
Ubuntu 20.04 LTS : Linux kernel (Xilinx ZynqMP) vulnerabilities (USN-6151-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6151-1 advisory. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use...
AlmaLinux 8 : kernel (ALSA-2023:2951)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2951 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. CVE-2021-26341 - When sending...
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:2231-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2231-1 advisory. - A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spect...
RHEL 8 : kernel (RHSA-2023:2951)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2951 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later...
RHEL 8 : kernel-rt (RHSA-2023:2736)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2736 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
AlmaLinux 9 : kernel-rt (ALSA-2023:2148)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2148 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. CVE-2021-26341 - When sending...