Linux Distros Unpatched Vulnerability : CVE-2018-6131

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CLSA-2025-1755516017 tomcat6: Fix of CVE-2025-24813

CVE-2025-24813: enhance lifecycle of temporary files used by partial PUT...

tomcat6: Fix of CVE-2025-24813

CVE-2025-24813: enhance lifecycle of temporary files used by partial PUT...

CLSA-2025-1755513827 tomcat6: Fix of CVE-2025-24813

CVE-2025-24813: enhance lifecycle of temporary files used by partial PUT...

UBUNTU-CVE-2025-38527

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...

CVE-2025-38511

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Clear all LMTT pages on alloc Our LMEM buffer objects are not cleared by default on alloc and during VF provisioning we only setup LMTT PTEs for the actually provisioned LMEM range. But beyond that valid range we might...

CVE-2025-38527

CVE-2025-38527 affects the Linux kernel smb client (cifs_oplock_break). A race during unmount can lead to a use-after-free of cinode when the superblock is deactivated. The vulnerability occurs because cifs_oplock_break() may access cinode after the last superblock reference is released, triggeri...

CVE-2025-38527

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager

Summary IBM Db2 is shipped as a component of IBM Security Key Lifecycle Manager SKLM/GKLM. Information about multiple security vulnerabilities affecting IBM Db2 has been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CISA: Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators

This guidance outlines a process for OT owners and operators to create an asset inventory and OT taxonomy. This process includes defining scope and objectives for the inventory, identifying assets, collecting attributes, creating a taxonomy, managing data, and implementing asset life cycle...

Announcing General Availability (GA) of Exchange Subscription Edition (SE) Release to Manufacturing (RTM)

Announcing General Availability GA of Exchange Subscription Edition SE Release to Manufacturing RTM Exchange Server Subscription Edition SE was released for general availability on July 1, 2025. This release continues Microsoft’s commitment to supporting enterprise email services across cloud,...

PT-2025-32642 · Smartclient · Opcenter Ql Home +2

Name of the Vulnerable Software and Affected Versions: SmartClient Opcenter QL Home SC versions 13.2 through 2505 SmartClient SOA Audit versions 13.2 through 2505 SmartClient SOA Cockpit versions 13.2 through 2505 Description: The affected application improperly handles errors when accessing an...

IBM Engineering Lifecycle Optimization Publishing Cross-Site Scripting Vulnerability

IBM Engineering Lifecycle Optimization Publishing is an automated document generation solution from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Engineering Lifecycle Optimization Publishing versions 7.0.2 and 7.03 that originates from an unvalidated URI...

The vulnerability of the IBM Engineering Lifecycle Optimization - Publishing software for creating reports is related to improper neutralization of encoded URI schemes on web pages, allowing attackers to perform cross-site scripting attacks.

The vulnerability of the IBM Engineering Lifecycle Optimization - Publishing software for creating reports is related to improper neutralization of encoded URI schemes on the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

Linux Distros Unpatched Vulnerability : CVE-2021-47587

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared...

CVE-2024-52890

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 could be susceptible to cross-site scripting due to no validation of URIs...

kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...

.NET 8.0 Update - August 5, 2025 (KB5064838)

.NET 8.0 Update - August 5, 2025 KB5064838 .NET 8.0 has been refreshed with the latest update as of August 5, 2025. This update contains non-security fixes. See the release notes for details about updated packages..NET 8.0 servicing updates are upgrades. The latest servicing update for 8.0 will...