Important: Red Hat Security Advisory: OpenShift Virtualization v4.19 Images

Red Hat OpenShift Virtualization release v4.19 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...

Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.19.16 security, enhancement & bug fix update

Red Hat OpenShift Data Foundation 4.19.16 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.19.16 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-6482: Backport to odf-4.19.z ODF installation constantly fails with Assisted Installer CVEs: ==========...

RHCOS 4 : OpenShift Container Platform 4.19.3 (RHSA-2025:10291)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10291 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...

Important: Red Hat Security Advisory: RHTAS 1.3.4 - Red Hat Trusted Artifact Signer Release

The 1.3.4 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

Important: Red Hat Security Advisory: RHTAS 1.3.2 - Red Hat Trusted Artifact Signer Release

The 1.3.2 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

Advisory ROSA-SA-2026-3114

software: samba 4.19 WASP: ROSA-CHROME unaffected versions = samba-4.19 affected versions samba-4.19 CVE-ID: CVE-2025-10230 BDU-ID: 2025-13037 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability exists in the WINS name resolution server implementation of the Samba networking suite due to failure to ta...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003163)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003163 advisory. In the Linux kernel 4.15.x through 4.19.x before 4.19.2, mapwrite in kernel/usernamespace.c allows privilege escalation because it mishandles nested user namespaces...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000336)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000336 advisory. In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enablesacfuaccess in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000434)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000434 advisory. An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to...

CVE-2025-67596

Cross-Site Request Forgery CSRF vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Cross Site Request Forgery.This issue affects Business Directory: from n/a through = 6.4.19...

CVE-2025-67596

Cross-Site Request Forgery CSRF vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Cross Site Request Forgery.This issue affects Business Directory: from n/a through = 6.4.19...

EUVD-2025-202057

Cross-Site Request Forgery CSRF vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Cross Site Request Forgery.This issue affects Business Directory: from n/a through = 6.4.19...

CVE-2025-67596

CVE-2025-67596 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress WordPress Business Directory Plugin (Strategy11 Team) up to version 6.4.19. The issue arises from inadequate request verification, allowing an attacker to perform actions on behalf of authenticated users. ...

PT-2025-49970

Name of the Vulnerable Software and Affected Versions Business Directory versions through 6.4.19 Description A Cross-Site Request Forgery CSRF issue exists in Strategy11 Team Business Directory business-directory-plugin. This allows attackers to perform actions on behalf of authenticated users...

Fedora 43 : migrate (2025-427af3b610)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-427af3b610 advisory. - Update to 4.19.0 - Address CVEs by rebuilding with Go 1.25.4 Tenable has extracted the preceding description block directly from the Fedora securi...

Fedora 42 : migrate (2025-57302ba8ea)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-57302ba8ea advisory. - Update to 4.19.0 - Address CVEs by rebuilding with Go 1.24.10 Tenable has extracted the preceding description block directly from the Fedora...

CVE-2025-66420

Tryton sao aka tryton-sao before 7.6.9 allows XSS via an HTML attachment. This is fixed in 7.6.9, 7.4.19, 7.0.38, and 6.0.67...

Important: Red Hat Security Advisory: RHTAS 1.3.1 - Tech Preview Release Of the Policy Controller Operator

The Tech Preview release of the RHTAS Policy Controller Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Policy Controller Operator can be used with OpenShift Container Platform 4.15, 4.16,...

CVE-2025-58456

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.17 bug fix and security update

Red Hat OpenShift Container Platform release 4.19.17 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...