[SECURITY] Fedora 42 Update: fvwm3-1.1.4-1.fc42

Fvwm is a window manager for X11. It is designed to minimize memory consumption, provide a 3D look to window frames, and implement a virtual desktop...

[SECURITY] Fedora 41 Update: fvwm3-1.1.4-1.fc41

Fvwm is a window manager for X11. It is designed to minimize memory consumption, provide a 3D look to window frames, and implement a virtual desktop...

[SECURITY] Fedora 43 Update: fvwm3-1.1.4-1.fc43

Fvwm is a window manager for X11. It is designed to minimize memory consumption, provide a 3D look to window frames, and implement a virtual desktop...

SUSE CVE-2025-40159

In the Linux kernel, the following vulnerability has been resolved: xsk: Harden userspace-supplied xdpdesc validation Turned out certain clearly invalid values passed in xdpdesc from userspace can pass xp,unalignedvalidatedesc and then lead to UBs or just invalid frames to be queued for xmit...

Apache OpenOffice < 4.1.16 Multiple Vulnerabilities

The version of Apache OpenOffice installed on the remote host is prior to 4.1.16. It is, therefore, affected by multiple vulnerabilities, including: - Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of 'external data sources'. A missing Authorization vulnerability...

CVE-2025-64401

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "floating frames" linke...

Siemens SIMATIC S7-1500 Allocation of Resources Without Limits or Throttling (CVE-2024-28182)

nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK...

Siemens SIMATIC S7-1500 Uncontrolled Resource Consumption (CVE-2023-35945)

Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping structures upon receiving RSTSTREAM immediately followed by the GOAWAY frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the GOAWA...

EUVD-2025-119983

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "floating frames" linke...

CVE-2025-64401

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "floating frames" linke...

CVE-2025-64401

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "floating frames" linke...

CVE-2025-64401 Apache OpenOffice: Remote documents loaded without prompt via IFrame

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "floating frames" linke...

CVE-2025-64401 Apache OpenOffice: Remote documents loaded without prompt via IFrame

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "floating frames" linke...

CVE-2025-64401

Apache OpenOffice is affected by a vulnerability where documents with floating frames linked to external files can load external content without user permission. Root cause: missing Authorization to load external links. Affected versions: Apache OpenOffice up to 4.1.15. Impact: loading external f...

Linux Distros Unpatched Vulnerability : CVE-2025-40159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xsk: Harden userspace-supplied xdpdesc validation Turned out certain clearly invalid values passed in xdpdesc from userspace can pass xp,unalignedvalidatedesc a...

Low: firefox

Issue Overview: No CVE associated with this advisory Affected Packages: firefox Issue Correction: Run dnf update firefox --releasever 2023.9.20251110 or dnf update --advisory ALAS2023-2025-1284 --releasever 2023.9.20251110 to update your system. More information on how to update your system can b...

Low: lz4

Issue Overview: No CVE associated with this advisory Affected Packages: lz4 Issue Correction: Run dnf update lz4 --releasever 2023.9.20251110 or dnf update --advisory ALAS2023-2025-1266 --releasever 2023.9.20251110 to update your system. More information on how to update your system can be found ...

Low: lz4

Issue Overview: No CVE associated with this advisory Affected Packages: lz4 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update lz4 or yum update --advisory...

Low: thunderbird

Issue Overview: No CVE associated with this advisory Affected Packages: thunderbird Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update thunderbird or yum...

Low: firefox

Issue Overview: No CVE associated with this advisory Affected Packages: firefox Note: This advisory is applicable to Amazon Linux 2 - Firefox Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories...