14 matches found
EUVD-2026-19740
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, FreeScout does not take the limitusercustomervisibility parameter into account when merging customers. This vulnerability is fixed in 1.8.212...
SUSE-SU-2026:0385-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47633: ath5k: fix OOB in ath5keepromreadpcalinfo5111 bsc1237768. - CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream...
Security update for kernel-livepatch-MICRO-6-0_Update_9
This update for kernel-livepatch-MICRO-6-0Update9 fixes the following issues: CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in class handling bsc1245793 CVE-2025-21702: pfifotailenqueue: Drop new packet when sch-limi...
SUSE-SU-2025:02611-1 Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024158 fixes several issues. The following security issues were fixed: - CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in class handling bsc1245793. - CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776. - CVE-2024-53125:...
SUSE SLES15 Security Update : kernel RT (Live Patch 6 for SLE 15 SP6) (SUSE-SU-2025:01851-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01851-1 advisory. This update for the Linux Kernel 6.4.0-1506001020 fixes several issues. The following security issues were fixed: - CVE-2025-21680: pktgen:...
CVE-2022-39226
Discourse is an open source discussion platform. In versions prior to 2.8.9 on the stable branch and prior to 2.9.0.beta10 on the beta and tests-passed branches, a malicious actor can add large payloads of text into the Location and Website fields of a user profile, which causes issues for other...
CVE-2025-22124
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix wrong bitmaplimit for clustermd when write sb In clustermd, separate write-intent-bitmaps are used for each cluster node: 0 4k 8k 12k ------------------------------------------------------------------- | idle | ...
golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers
A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory,...
SUSE-SU-2022:4281-1 Security update for python3
This update for python3 fixes the following issues: - CVE-2022-37454: Fixed a buffer overflow in hashlib.sha3 implementations. bsc1204577 - CVE-2020-10735: Fixed a bug to limit amount of digits converting text to int and vice vera. bsc1203125 The following non-security bug was fixed: - Fixed a...
SUSE-SU-2021:3842-1 Security update for xen
This update for xen fixes the following issues: - CVE-2021-28701: Fixed race condition in XENMAPSPACEgranttable handling XSA-384 bsc1189632. - CVE-2021-28704, CVE-2021-28707, CVE-2021-28708: Fixed PoD operations on misaligned GFNs XSA-388 bsc1192557. - CVE-2021-28705, CVE-2021-28709: Fixed issues...
UVI-2021-1000637 NFS: fix an incorrect limit in filelayout_decode_layout()
NFS: fix an incorrect limit in filelayoutdecodelayout This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.124 by commit...
Kernel update: Virtuozzo ReadyKernel patch 74.0 for all supported Virtuozzo kernels and that of Virtuozzo Infrastructure Platform 2.5
The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to all supported Virtuozzo kernels and that of Virtuozzo Infrastructure Platform 2.5. Vulnerability id: PSBM-91566 It was found that unpacking a large tarball with a lot of small files could fail inside...
bash (important)
The command-line shell 'bash' evaluates environment variables, which allows the injection of characters and might be used to access files on the system in some circumstances CVE-2014-7169. Please note that this issue is different from a previously fixed vulnerability tracked under CVE-2014-6271 a...
tetrix.1.13.16.bof.txt
Date: Wed, 17 Feb 1999 13:03:45 -0800 From: Steven Hodges To: [email protected] Subject: Tetrix 1.13.16 is Vulnerable I have recently found a buffer overflow in a TetriNet daemon for Linux called "Tetrix". To exploit this bug, you will need a hostname longer than 122 characters, and any method...