Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.23 LTS and 13.1.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.5 security update

Important: Red Hat OpenShift GitOps v1.18.5 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-9158 OpenShift Gitops Operator v1.19.2 has hardcoded pod-security labels which conflict OCP = 4.16 GITOPS-9587 multiple CVEs in ose-kube-rbac-pro...

[SECURITY] [DSA 6215-1] gimp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6215-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 17, 2026 https://www.debian.org/security/faq -...

Important: cuda-toolkit-13

Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. CVE-2025-23248 NVIDIA...

EUVD-2016-1356

Malware in sbrugna...

CVE-2025-32111

The Docker image from acme.sh before 40b6db6 is based on a .github/workflows/dockerhub.yml file that lacks "persist-credentials: false" for actions/checkout...

CVE-2022-42889: Detect Text4Shell via Qualys Container Security

A new critical vulnerability CVE-2022-42889 Text4Shell in Apache Commons Text library was reported by Alvaro Muñoz. The vulnerability, when exploited could result in remote code execution RCE applied to untrusted input due to insecure interpolation defaults. As a result, this CVE is rated at CVSS...

Scanvus – my open source Vulnerability Scanner for Linux hosts and Docker images

Hello everyone! This video was recorded for the VMconf 22 Vulnerability Management conference, vmconf.pw. I will be talking about my open source project Scanvus. This project is already a year old and I use it almost every day. Alternative video link for Russia: Scanvus Simple Credentialed...

Fedora 33 : jasper (2021-2b151590d9)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-2b151590d9 advisory. - The JPCNOMINALGAIN function in jpc/jpct1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service JPCCOXRFT assertion...

MGASA-2019-0239 Updated sdl2 packages fix security vulnerabilities

Updated sdl2 packages fix security vulnerabilities This release fixes various buffer overflows when parsing or processing damaged Waveform audio and BMP image files. - Fix CVE-2019-7572 a buffer overread in IMAADPCMnibble rhbz1676754 - Fix CVE-2019-7572 a buffer overwrite in IMAADPCMnibble...

SUSE-SU-2018:1472-1 Security update for tiff

This update for tiff fixes the following issues: Security issues fixed: - CVE-2016-5315: The setByteArray function in tifdir.c allowed remote attackers to cause a denial of service out-of-bounds read via a crafted tiff image. bsc984809 - CVE-2016-10267: LibTIFF allowed remote attackers to cause a...

MGASA-2016-0421 Updated libgd packages fixe security vulnerabilities

Ibrahim El-Sayed discovered that the GD library incorrectly handled certain malformed Tiff images. If a user or automated system were tricked into processing a specially crafted Tiff image, an attacker could cause a denial of service CVE-2016-6911. Emmanuel Law discovered that the GD library...

Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

Multiple vulnerabilities exist in the kernel-image-2.2.19-netwinder operating system from Debian GNU/Linux. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicio...

Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kernel-image-2.6-em64t-p4-smp operating system of Debian GNU/Linux may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious actors...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kernel-image-2.6.8-3-686-smp operating system of the Debian GNU/Linux distribution may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kernel-image-2.6.8-3-686 operating system of the Debian GNU/Linux distribution may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kernel-image-2.6.8-3-powerpc-smp operating system of the Debian GNU/Linux distribution may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The Linux-image-2.6.26-1-xen-amd64 package from the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kernel-image-2.4.18-powerpc-smp operating system of the Debian GNU/Linux distribution may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by malicious individuals locally...

Vulnerabilities in the Debian GNU/Linux operating system that allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

Multiple vulnerabilities in the linux-image-2.6.24-etchnhalf.1-amd64 package of the Debian GNU/Linux operating system. Its operation may lead to violations of confidentiality, integrity, and accessibility of protected information...