Virtuozzo Hybrid Infrastructure 6.1 Update 1 (6.1.1-35)

In this release, Virtuozzo Hybrid Infrastructure enables virtual CPU and RAM overcommitment per node, as well as provides stability and performance improvements, and addresses issues found in previous releases. Vulnerability id: VSTOR-49565 Network errors occur when migrating a VM that was...

SUSE-SU-2024:1673-1 Security update for python-Pillow

This update for python-Pillow fixes the following issues: - Fixed ImagePath.Path array handling bsc1194552, CVE-2022-22815, bsc1194551, CVE-2022-22816 - Use snprintf instead of sprintf bsc1188574, CVE-2021-34552 - Fix Memory DOS in Icns, Ico and Blp Image Plugins. bsc1183110, CVE-2021-27921,...

May 14, 2024—KB5037780 (Monthly Rollup)

May 14, 2024—KB5037780 Monthly Rollup End of support information As of January 10, 2023, Microsoft no longer provides security updates or technical support for Windows 7 Service Pack 1 SP1. We recommend that you upgrade to a supported version of Windows. For more information, see Update that...

May 14, 2024—KB5037782 (OS Build 20348.2461)

May 14, 2024—KB5037782 OS Build 20348.2461 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when ne...

SUSE-SU-2024:1461-1 Security update for shim

This update for shim fixes the following issues: - Update shim-install to set the TPM2 SRK algorithm bsc1213945 - Limit the requirement of fde-tpm-helper-macros to the distro with suseversion 1600 and above bsc1219460 Update to version 15.8: Security issues fixed: - mok: fix LogError invocation...

SUSE-SU-2024:1450-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: - CVE-2024-21011: Fixed denial of service due to long Exception message logging JDK-8319851,bsc1222979 - CVE-2024-21068: Fixed integer overflow in C1 compiler address generation JDK-8322122,bsc1222983 - CVE-2024-21085: Fixed Pack200...

April 23, 2024—KB5036980 (OS Builds 22621.3527 and 22631.3527) Preview

April 23, 2024—KB5036980 OS Builds 22621.3527 and 22631.3527 Preview 2/27/24 IMPORTANT: New dates for the end of non-security updates for Windows 11, version 22H2The new end date is June 24, 2025 for Windows 11, version 22H2 Enterprise and Education editions. Home and Pro editions of version 22H2...

April 23, 2024—KB5036979 (OS Build 19045.4355) Preview

April 23, 2024—KB5036979 OS Build 19045.4355 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...

SUSE-SU-2024:1345-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2024-24549: Fixed denial of service during header validation for HTTP/2 stream bsc1221386 - CVE-2024-23672: Fixed denial of service due to malicious WebSocket client keeping connection open bsc1221385 Other fixes: - Update to Tomcat 9.0.87...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-115.10.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...

SUSE-SU-2024:1311-1 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: - Impro...

SUSE-SU-2024:1304-1 Security update for eclipse, maven-surefire, tycho

This update for eclipse, maven-surefire, tycho fixes the following issues: eclipse received the following security fix: - CVE-2023-4218: Fixed a bug where parsing files with xml content laeds to XXE attacks. bsc1216992 maven-sunfire was updated from version 2.22.0 to 2.22.2: - Changes in version...

SUSE-SU-2024:1270-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: - CVE-2024-23252: Fixed denial of service via crafted web content bsc1222010. - CVE-2024-23254: Fixed possible audio data exilftration cross-origin via malicious website bsc1222010. - CVE-2024-23263: Fixed lack of Content Security Policy...

SUSE-SU-2024:1269-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: - CVE-2024-23252: Fixed denial of service via crafted web content bsc1222010. - CVE-2024-23254: Fixed possible audio data exilftration cross-origin via malicious website bsc1222010. - CVE-2024-23263: Fixed lack of Content Security Policy...

graingerhomeimprovements.com Cross Site Scripting vulnerability OBB-3917299

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-31925 WordPress F4 Improvements plugin <= 1.8.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FAKTOR VIER F4 Improvements allows Stored XSS.This issue affects F4 Improvements: from n/a through 1.8.0...

CVE-2024-31925 WordPress F4 Improvements plugin <= 1.8.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FAKTOR VIER F4 Improvements allows Stored XSS.This issue affects F4 Improvements: from n/a through 1.8.0...

WordPress Plugin F4 Improvements 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

squid security update

7:3.5.20-17.0.1 - Mutiple CVE fixes for squid Orabug: 33146289 - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing 788 - Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range...

PT-2024-24288 · Unknown · Faktor Vier F4 Improvements

Name of the Vulnerable Software and Affected Versions: FAKTOR VIER F4 Improvements versions 1.8.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored cross-site scripting XSS. This means that an attacker can inject...