7704 matches found
haproxy bug fix and enhancement update
An update is available for haproxy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The haproxy packages provide a reliable, high-performance network load balanc...
keepalived security update
An update is available for keepalived. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The keepalived utility provides simple and robust facilities for load...
RLSA-2025:0917 Moderate: keepalived security update
The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server (IPVS) kernel module providing layer-4 (transport layer) load balancing. Keepalived implements a set of checke...
CVE-2025-1771
The Traveler theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.8 via the 'hotelaloneloadmorepost' function 'style' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the...
CVE-2025-20143
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges o...
Deserialization of Untrusted Data
Overview: qiskit-terra is software for developing quantum computing programs. Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the qiskit.qpy.load function. An attacker can execute arbitrary code by crafting a malicious QPY file and loading it via this...
SUSE CVE-2025-1293
Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0...
The vulnerability of the Model.load_model function in the Keras library allows a hacker to execute arbitrary code.
The vulnerability of the Model.load_model function in the Keras library is related to incorrect code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
Arbitrary Code Injection
Overview: graphql is a plain-Ruby implementation of GraphQL. Affected versions of this package are vulnerable to Arbitrary Code Injection via the GraphQL::Schema.from_introspection or GraphQL::Schema::Loader.load processes. An attacker can execute arbitrary code by loading a crafted GraphQL schema...
CVE-2025-20143 Cisco IOS XR Software Secure Boot Bypass Vulnerability
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges o...
Deserialization of Untrusted Data
Overview: Keras is a high-level neural networks API for Python. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the load_model function, which uses pickle for serialization. An attacker can execute code even if safe_mode is set to True, by supplyi...
VulnCheck KEV: CVE-2024-9593
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 for Time Clock and 1.1.4 for Time Clock Pro via the 'etimeclockwploadfunctioncallback' function. This allows unauthenticated attackers to execute...
Linux Distros Unpatched Vulnerability : CVE-2024-56674
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: virtio_net: correct netdev_tx_reset_queue invocation point. When virtnet_close is followed by...
Linux Distros Unpatched Vulnerability : CVE-2024-53088
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i40e: fix race condition by adding filter's intermediate sync state. Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted an...
CLSA-2025-1741216137 bind: Fix of CVE-2024-11187
CVE-2024-11187: limit additional section record while queries processing to prevent CPU exhaustion...
Linux Distros Unpatched Vulnerability : CVE-2022-49160
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: qla2xxx: Fix crash during module load unload test. During purex packet handling the driver was incorrectly freeing a pre-allocated structure. Fix this by...
Linux Distros Unpatched Vulnerability : CVE-2023-52854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - padata: Fix refcnt handling in padata_free_shell. In a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead to system UAF (Use-After-Free) issues. Due...
WP Load Gallery 2.1.6 Shell Upload
WordPress WP Load Gallery plugin version 2.1.6 suffers from a remote shell upload vulnerability. Title: WP Load Gallery plugin v2.1.6 Code Injection...
Linux Distros Unpatched Vulnerability : CVE-2024-42245
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task". This reverts commit...
Linux Distros Unpatched Vulnerability : CVE-2024-43872
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/hns: Fix soft lockup under heavy CEQE load. CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too...