PT-2026-33303

The WSO2 API Manager developer portal accepts user-supplied input without enforcing expected validation constraints or proper output encoding. This deficiency allows a malicious actor to inject script content that is executed within the context of a user's browser. By leveraging this cross-site...

Behind the Scenes: Introducing the Akamai Design System

We recently made some design changes to our UI to improve the user experience. Lead Senior Software Engineer Jaalah Ramos expands on the “why” in this Q&A...

kernel: wifi: nl80211: reject iftype change with mesh ID change

CVE-2024-27410 is a vulnerability in the Linux kernel’s Wi-Fi subsystem, affecting the nl80211 interface. The issue occurs when a mesh ID is set while simultaneously switching the interface to mesh mode, which can overwrite critical data in the wireless device's configuration. This can lead to...

SUSE CVE-2024-37021

In the Linux kernel, the following vulnerability has been resolved: fpga: manager: add owner module and take its refcount The current implementation of the fpga manager assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's...

KLA12583 SUI vulnerability in Microsoft System Center

A tampering vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2022-33637 Related products Microsoft-Defender-for-Endpoint-for-Windows CVE list CVE-2022-33637 high KB list Solution Install necessary...

SUSE-SU-2022:1582-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: This update contains the Firefox Extended Support Release 91.1.0 ESR. Fixed: Various stability, functionality, and security fixes MFSA 2021-40 bsc1190269, bsc1190274: CVE-2021-38492: Navigating to mk: URL scheme could load Internet Explor...

Specification non-compliance in JUMPI

Impact In evm crate 0.31.0, JUMPI opcode's condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check. Patches This is a high severity security advisory if you use evm crate for...

OPENSUSE-SU-2021:3451-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: This update contains the Firefox Extended Support Release 91.2.0 ESR. Release 91.2.0 ESR: Fixed: Various stability, functionality, and security fixes MFSA 2021-45 bsc1191332: CVE-2021-38496: Use-after-free in MessageTask CVE-2021-38497:...

SUSE-SU-2021:3331-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: This update contains the Firefox Extended Support Release 91.2.0 ESR. Firefox Extended Support Release 91.2.0 ESR Fixed: Various stability, functionality, and security fixes MFSA 2021-45 bsc1191332 CVE-2021-38496: Use-after-free in...

Security update for MozillaFirefox (important)

openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2021:3331-1 Rating: important References: 1188891 1189547 1190269 1190274 1190710 1191332 Cross-References: CVE-2021-29980 CVE-2021-29981 CVE-2021-29982 CVE-2021-29983 CVE-2021-29984 CVE-2021-29985...

SUSE-SU-2021:14821-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: This update contains the Firefox Extended Support Release 91.1.0 ESR. Fixed: Various stability, functionality, and security fixes MFSA 2021-40 bsc1190269, bsc1190274: CVE-2021-38492: Navigating to mk: URL scheme could load Internet Explor...

OPENSUSE-SU-2021:1250-1 Security update for nextcloud

This update for nextcloud fixes the following issues: Update to 20.0.12 Fix boo1190291: - CVE-2021-32766 CWE-209: Generation of Error Message Containing Sensitive Information - CVE-2021-32800 CWE-306: Missing Authentication for Critical Function - CVE-2021-32801 CWE-532: Insertion of Sensitive...

OPENSUSE-SU-2020:0950-1 Security update for opera

This update for opera fixes the following issues: - Update to version 69.0.3686.49 - CHR-7971 Update chromium on desktop-stable-83-3686 to 83.0.4103.116 CVE-2020-6509 - DNA-79195 Wrong date on history - DNA-86090 Crash at views::View::ReorderChildViewviews::View, int - DNA-86122 Mac Some popovers...

OPENSUSE-SU-2020:0709-1 Security update for opera

This update for opera fixes the following issues: Opera was updated to version 68.0.3618.104 - CHR-7909 Update chromium on desktop-stable-81-3618 to 81.0.4044.138 - CVE-2020-6831, CVE-2020-6464 - DNA-85609 Mac Tabs shrinking & disappearing - DNA-85629 Crash at...

openSUSE Security Update : Chromium (openSUSE-2019-559)

This update for Chromium to version 68.0.3440.75 fixes multiple issues. Security issues fixed boo1102530 : - CVE-2018-6153: Stack-based buffer overflow in Skia - CVE-2018-6154: Heap buffer overflow in WebGL - CVE-2018-6155: Use after free in WebRTC - CVE-2018-6156: Heap buffer overflow in WebRTC ...

FreeBSD : PuTTY -- security fixes in new release (46e1ece5-48bd-11e9-9c40-080027ac955c)

The PuTTY team reports : New in 0.71 : - Security fixes found by an EU-funded bug bounty programme : - + a remotely triggerable memory overwrite in RSA key exchange, which can occur before host key verification - + potential recycling of random numbers used in cryptography - + on Unix, remotely...

openSUSE Security Update : Chromium (openSUSE-2018-780)

This update for Chromium to version 68.0.3440.75 fixes multiple issues. Security issues fixed boo1102530 : - CVE-2018-6153: Stack-based buffer overflow in Skia - CVE-2018-6154: Heap buffer overflow in WebGL - CVE-2018-6155: Use after free in WebRTC - CVE-2018-6156: Heap buffer overflow in WebRTC ...

ntp security update

4.2.6p5-25.0.1.el73.1 - Bump release to avoid ULN conflict with Oracle modified errata. 4.2.6p5-25.el73.1 - don't limit rate of packets from sources CVE-2016-7426 - don't change interface from received packets CVE-2016-7429 - fix calculation of root distance again CVE-2016-7433 - require...

openSUSE Security Update : libgcrypt (openSUSE-SU-2013:1294-1)

libgcrypt was updated to 1.5.3 bnc831359 to fix a security issue, bugs and get some new features : Security issue fixed : - Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys. See . - contains changes from 1.5.2 - The upstream sources now contain the IDEA algorithm,...

Fedora 17 : phpMyAdmin-3.5.0-1.fc17 (2012-5599)

Changes for 3.5.0.0 2012-04-07 : - interface Add support for mass prefix change. - display 'up to date' message on main page when current version is up to date - feature Update to jQuery 1.6.2 - search Show/hide db search results - patch Add gettext wrappers around a message - cleanup Remove...