30 matches found
CVE-2025-8714 affecting package postgresql for versions less than 14.19-1
CVE-2025-8714 affecting package postgresql for versions less than 14.19-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-53905 affecting package vim for versions less than 9.1.1552-1
CVE-2025-53905 affecting package vim for versions less than 9.1.1552-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-38102
In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify During our test, it is found that a warning can be trigger in trygrabfolio as follow: ------------ cut here ------------ WARNING: CPU: 0 PID: 1678 at mm/gup.c:147...
CVE-2025-38113
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference when nosmp is used With nosmp in cmdline, other CPUs are not brought up, leaving their cpcdescptr NULL. CPU0's iteration via foreachpossiblecpu dereferences these NULL pointers, causing...
CVE-2025-5996
Removed by vendor...
CVE-2025-37924
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in kerberos authentication Setting sess-user = NULL was introduced to fix the dangling pointer created by ksmbdfreeuser. However, it is possible another thread could be operating on the session and make...
CVE-2023-53140
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/$procname directory earlier Remove the /proc/scsi/$procname directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit...
CVE-2025-2814
Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom'" is unavailable. In that case, Crypt::CBC will fallback to...
CVE-2025-27837
An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gpmswin.c and base/winrtsup.cpp...
CVE-2024-57943
In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer was not zeroed before writing Before writing, if a bufferhead marked as new, its data must be zeroed, otherwise uninitialized data in the page cache will be written. So this commit uses foliozeronewbuffe...
CVE-2024-52308 affecting package gh for versions less than 2.62.0-1
CVE-2024-52308 affecting package gh for versions less than 2.62.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-21129 affecting package mysql for versions less than 8.0.40-1
CVE-2024-21129 affecting package mysql for versions less than 8.0.40-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-48992
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: Add NULL check in BE reparenting Add NULL check in dpcmbereparent API, to handle kernel NULL pointer dereference error. The issue occurred in fuzzing test...
CVE-2024-45028 affecting package kernel for versions less than 6.6.51.1-1
CVE-2024-45028 affecting package kernel for versions less than 6.6.51.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-46832 affecting package kernel for versions less than 5.15.167.1-1
CVE-2024-46832 affecting package kernel for versions less than 5.15.167.1-1. An upgraded version of the package is available that resolves this issue...
postgresql security update
13.11-1.0.1 - Fixed postgresql port binding issue during bootup Orabug: 35420628 13.11-1 - Update to 13.11 - Resolves: 2207935...
CVE-2023-26554
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...
CVE-2021-36160 affecting package httpd for versions less than 2.4.52-1
CVE-2021-36160 affecting package httpd for versions less than 2.4.52-1. An upgraded version of the package is available that resolves this issue...
CVE-2020-11758
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h...
polkit security and bug fix update
0.112-26.0.1 - Increase timeout to avoid defunct processes Orabug: 26930744 0.112-26 - Refined upstream fix of CVE-2018-1116 to avoid ABI changes - Related: rhbz1601411 0.112-25 - fix of CVE-2018-1116 - Resolves: rhbz1601411 0.112-24 - pkttyagent: resetting terminal erases rest of input line -...