SUSE SLES15 Security Update : kernel RT (Live Patch 4 for SLE 15 SP6) (SUSE-SU-2025:03468-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03468-1 advisory. This update for the Linux Kernel 6.4.0-1506001014 fixes several issues. The following security issues were fixed: - CVE-2025-38477: net/sched:...

EUVD-2020-6466

Malware in sbrugna...

EUVD-2022-46568

Malicious code in bioql PyPI...

ABB M2M Gateway Out-Of-Bound Read/Write in embedded Linux Kernel (CVE-2023-42753)

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local...

CVE-2023-35995

Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...

PT-2024-12543 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to improper array index validation in the fstReaderIterBlocks2 tdelta functionality. A specially crafted .fst file can lead to arbitrary code execution when opened by a victim. The...

ALSA-2023:4177 Moderate: java-17-openjdk security and bug fix update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper handling o...

SUSE CVE-2018-4210

In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks...

PT-2023-7935 · Unisoc · Unisoc Chipsets

Name of the Vulnerable Software and Affected Versions: Unisoc chipsets engineermode services affected versions not specified Description: The issue is related to a missing permission check in engineermode services, which could lead to local denial of service. Additionally, there is an array...

CVE-2018-4210

In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks...

CVE-2018-4210

In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks...

CVE-2018-4210

CVE-2018-4210 concerns WebKit’s JavaScriptCore on Apple platforms (iOS, Safari, tvOS, watchOS) and iTunes on Windows. The vulnerability is an array indexing issue in the handling of a function within JavaScriptCore, which could lead to memory corruption if exploited. Apple’s references indicate t...

CVE-2018-7406

An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. This vulnerability allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVE-2018-7406

An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. This vulnerability allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

Joyent SmartOS dtrace Zone Escape Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Joyent SmartOS. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the dtrace implementation in SmartOS. A meth...

artmedic_links5 PHP Script (include path) vuln

There's a possilbity of looking at files with apache priviliges using artmediclinks5 php script. http://www.artmedic-phpscripts.de/artmediclinks.php. Vulnerability include path is in index.php, standard use: hostname/artmediclinks5/index.php?id=file or index.php?id=url I noticed there's a lot of...

Fresh hole in W3Mail

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nth Dimension Security Advisory NDSA20021112 Date: 12th November 2002 Author: Tim Brown mailto:[email protected] URL: http://www.nth-dimension.org.uk/ / http://www.machine.org.uk/ Product: W3Mail up to and including 1.0.6 http://www.w3mail.org...