3922 matches found
Study Finds ROME AI Agent Attempted Cryptomining Without Instructions
A recent research paper describing the training of an experimental AI agent has started a discussion after the…...
RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface
Impact Vulnerability Type: Improper Control of Generation of Code 'Code Injection' CWE-94 / Improper Check for Unusual or Exceptional Conditions CWE-754 / Improper Input Validation CWE-20 / Use of Low-Level Functionality CWE-695 / Improper Privilege Management CWE-269 / External Control of System...
CVE-2026-0995
An issue has been identified in Arm C1-Pro before r1p2-50eac0, where, under certain conditions, a TLBI+DSB might fail to ensure the completion of memory accesses related to SME...
Security update for python-Authlib
This update for python-Authlib fixes the following issues: CVE-2025-68158: Fixed 1-click account takeover in applications that use the Authlib library bsc1256414 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for postgresql16
This update for postgresql16 fixes the following issue: Update to version 16.13 bsc1258754. Regression fixes: the substring function raises an error "invalid byte sequence for encoding" on non-ASCII text values if the source of that value is a database column caused by CVE-2026-2006 fix. a standb...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Update to version 15.17 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...
Security update for gnome-remote-desktop
This update for gnome-remote-desktop fixes the following issue: CVE-2025-5024: an unauthenticated attacker can exhaust system resources bsc1244053. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
Security update for chromium (important)
openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20258-1 Rating: important References: bsc1258438 Cross-References: CVE-2026-2648 CVE-2026-2649 CVE-2026-2650 Affected Products: openSUSE Leap 16.0...
Medium: oci-add-hooks
Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...
Important: nvidia-imex
Issue Overview: NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of servic...
Important: nvidia-settings
Issue Overview: NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of servic...
Important: kmod-nvidia-open-dkms
Issue Overview: NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of servic...
📄 RustFly 2.0.0 Event Manipulation
The remote UI control mechanism of RustFly accepts raw hex-encoded instructions over UDP. Some sequences trigger execution of remote system-level operations. Improper sanitization allows command-level injection. Version 2.0.0 is affected...
Security update for kubernetes-old
This update for kubernetes-old rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap...
Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont
This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.64.0 Release notes...
Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.42 fixes various security issues The following security issues were fixed: CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimer...
Malicious code in dzuseragents (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f0be670ad8e17f42129943a744559ebb8818c581bc637c1469cf8553b7b8f8c9 The package downloads an executable and adds it to autostart. The downloaded application then periodically creates a screenshot and sends it to a Discord...
MAL-2026-899 Malicious code in dzuseragents (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f0be670ad8e17f42129943a744559ebb8818c581bc637c1469cf8553b7b8f8c9 The package downloads an executable and adds it to autostart. The downloaded application then periodically creates a screenshot and sends it to a Discord...
Security update for helm
This update for helm rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux Enterprise...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-4476: null pointer dereference may lead to denial of service bsc1243422. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...