Lucene search

29 matches found

Vulnrichment
added 2026/04/27 8:3 a.m. | 1 views

CVE-2026-40860 Apache Camel: Unsafe Deserialization of JMS ObjectMessage in camel-jms, camel-sjms, camel-sjms2 and camel-amqp

JmsBinding.extractBodyFromJms in camel-jms, and the equivalent JmsBinding class in camel-sjms, deserialized the payload of incoming JMS ObjectMessage values via javax.jms.ObjectMessage.getObject without applying any ObjectInputFilter, class allowlist or class denylist. Because this code path is...

AI score: 6.4 | EPSS: 0.00961
Exploits: 0 | References: 1

ATTACKERKB
added 2026/04/27 7:53 a.m. | 2 views

CVE-2026-40048

The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of .key files in the configured key directory using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. The cast to java.security.KeyPair is evaluated only after readObject has...

AI score: 6.3 | EPSS: 0.00027
Exploits: 0 | References: 2 | Affected Software: 1

Packet Storm News
added 2026/04/08 12:0 a.m. | 1 views

OpenSSL Toolkit 3.0.20

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.0 LTS release...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.00141
Exploits: 0

Packet Storm News
added 2026/01/27 12:0 a.m. | 2 views

OpenSSL Toolkit 3.0.19

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.0 LTS release...

CVSS: 5.3 | AI score: 5.9 | EPSS: 0.02889
Exploits: 7

Packet Storm News
added 2025/06/18 12:0 a.m. | 3 views

Clam AntiVirus Toolkit 1.4.3

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs ar...

CVSS: 9.8 | AI score: 9.4 | EPSS: 0.01231
Exploits: 0

Ubuntu
added 2025/03/27 5:7 p.m. | 16 views

USN-7381-1: Linux kernel (Low Latency) vulnerabilities

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

CVSS: 8.1 | AI score: 7.8 | EPSS: 0.0009
Exploits: 3

Ubuntu
added 2025/02/27 4:46 p.m. | 20 views

USN-7308-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

CVSS: 7.8 | AI score: 7.5 | EPSS: 0.18032
Exploits: 3

OpenVAS
added 2024/12/23 12:0 a.m. | 34 views

Ubuntu: Security Advisory (USN-7159-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.8 | AI score: 7.8 | EPSS: 0.00032
Exploits: 0 | References: 2

OpenVAS
added 2024/10/31 12:0 a.m. | 16 views

openSUSE Security Advisory (openSUSE-SU-2024:0342-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 3.3 | AI score: 4.2 | EPSS: 0.02619
Exploits: 0 | References: 4

Ubuntu
added 2024/10/21 5:21 p.m. | 27 views

USN-7072-2: Linux kernel (GKE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Watchdog drivers; - Netfilter; - Network traffic control; CVE-2024-38630, CVE-2024-27397, CVE-2024-45016...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.00037
Exploits: 1

Vulnrichment
added 2024/02/20 2:58 p.m. | 19 views

CVE-2024-22369 Apache Camel: Camel-SQL: Unsafe Deserialization from JDBCAggregationRepository

Deserialization of Untrusted Data vulnerability in Apache Camel SQL Component. This issue affects Apache Camel: from 3.0.0 before 3.21.4, from 3.22.0 before 3.22.1, from 4.0.0 before 4.0.4, from 4.1.0 before 4.4.0. Users are recommended to upgrade to version 4.4.0, which fixes the issue. If users a...

AI score: 7.4 | EPSS: 0.11975
Exploits: 0 | References: 1

OSV
added 2023/08/21 4:38 p.m. | 1 views

USN-6303-2 clamav vulnerability

USN-6303-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: It was discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue ...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.0059
Exploits: 0 | References: 2

Github Security Blog
added 2022/06/24 12:0 a.m. | 34 views

Cross-site Scripting vulnerability in Jenkins

Since Jenkins 2.340, the tooltip of the build button in list views supports HTML without escaping the job display name. This vulnerability is known to be exploitable by attackers with Job/Configure permission. Jenkins 2.356 addresses this vulnerability. The tooltip of the build button in list vie...

CVSS: 5.4 | AI score: 6.6 | EPSS: 0.0272
Exploits: 0 | References: 3 | Affected Software: 1

Oracle linux
added 2021/11/23 12:0 a.m. | 36 views

Unbreakable Enterprise kernel-container security update

5.4.17-2136.301.1.2.el7 - Revert 'net/rds: Allocate pages on HCA NUMA nodeid' Gerd Rausch Orabug: 33561324 - Revert 'net/rds: Allocate rdsibincoming,fragslab on HCA NUMA nodeid' Gerd Rausch Orabug: 33561324 - Revert 'net/rds: Use the same vector for send & receive' Gerd Rausch Orabug: 33561324 -...

CVSS: 8.8 | AI score: 8.3 | EPSS: 0.00066
Exploits: 2

OpenVAS
added 2021/06/09 12:0 a.m. | 32 views

SUSE: Security Advisory (SUSE-SU-2020:0059-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.8 | AI score: 8.1 | EPSS: 0.50822
Exploits: 1 | References: 2

Atlassian
added 2021/04/12 3:50 p.m. | 49 views

8.5 and 8.13 LTS releases should bundle Tomcat 8.5.63 or higher

Issue Summary: The Apache Tomcat version used by the currently available LTS (Long Term Support) releases has a few vulnerabilities, therefore the next LTS release should bundle an updated version of Tomcat. Steps to Reproduce: Not applicable. Expected Results: Not applicable. Actual...

AI score: 7.1
Exploits: 0

Kitploit
added 2019/01/23 8:40 p.m. | 50 views

Parrot Security 4.5 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

Parrot 4.5 is officially released, and there are some major changes under the hood, powered by the long-term supported Linux 4.19 kernel series, preparing the project for the upcoming Parrot 5.0 LTS release. For future releases, Parrot Security plans to support two kernels, stable kernel and a...

AI score: 7.3
Exploits: 0

Tenable Nessus
added 2019/01/02 12:0 a.m. | 31 views

SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2018:1183-1)

This update for nodejs6 fixes the following issues : - Fix some node-gyp permissions - New upstream LTS release 6.14.1 : - Security fixes : + CVE-2018-7160: Fix for inspector DNS rebinding vulnerability bsc1087463 + CVE-2018-7158: Fix for 'path' module regular expression denial of service...

CVSS: 8.8 | AI score: 7.2 | EPSS: 0.01501
Exploits: 0 | References: 10

Tenable Nessus
added 2019/01/02 12:0 a.m. | 28 views

SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2018:0293-1)

This update for nodejs6 fixes the following issues: Security issues fixed : - CVE-2017-15896: Vulnerable to CVE-2017-3737 due to embedded OpenSSL bsc1072322. - CVE-2017-14919: Embedded zlib issue could cause a DoS via specific windowBits value. - CVE-2017-3738: Embedded OpenSSL is vulnerable to...

CVSS: 9.1 | AI score: 6.3 | EPSS: 0.42931
Exploits: 2 | References: 23

IBM Security Bulletins
added 2018/10/15 5:10 a.m. | 17 views

Security Bulletin: Password disclosure via trace log vulnerability in IBM MQ Managed File Transfer (CVE-2017-1795)

Summary Trace files generated by IBM MQ Managed File Transfer commands display passwords in plain text. Vulnerability Details CVEID: CVE-2017-1795 DESCRIPTION: IBM MQ Managed File Transfer could allow a local user to obtain highly sensitive information via trace log files generated by its command...

CVSS: 4.4 | AI score: 0.3 | EPSS: 0.0004
Exploits: 0 | Affected Software: 1