13 matches found
SUSE CVE-2025-71303
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix race condition when checking rpm_on. When autosuspend is triggered, driver rpm_on flag is set to indicate that a suspend/resume is already in progress. However, when a userspace application submits a command durin...
PT-2026-32372
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL Injection in the file /orms/admin/rooms/manage room.php...
PT-2026-20561
Name of the Vulnerable Software and Affected Versions: itsourcecode Event Management System version 1.0 Description: A SQL injection issue exists in itsourcecode Event Management System version 1.0. The issue is located in the /admin/manage booking.php file, within an unknown function. Manipulation...
SUSE CVE-2022-50339
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev(). syzbot is again reporting attempt to cancel uninitialized work at mgmt_index_removed() [1], for setting of HCI_MGMT flag from mgmt_init_hdev() from hci_mgmt_cmd() from hci_sock_sendmsg() can rac...
CVE-2025-41043
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAppReportCodeid' and 'dataAppReportCodename' parameters in /apprain/appreport/manage/...
Moderate: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.6 security update
An update is now available for Red Hat OpenShift GitOps v1.11.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
SUSE CVE-2023-52513
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling. In case immediate MPA request processing fails, the newly created endpoint unlinks the listening endpoint and is ready to be dropped. This special case was not handled correctly by the co...
CVE-2022-28357
NATS nats-server 2.2.0 through 2.7.4 allows directory traversal because of an unintended path to a management action from a management account...
PT-2023-12941 · Nats · Nats Nats-Server
Name of the Vulnerable Software and Affected Versions: NATS nats-server versions 2.2.0 through 2.7.4 Description: The issue allows directory traversal due to an unintended path to a management action from a management account. This is caused by an unintended path in the management account of the...
PT-2022-5601 · Atlassian · Crowd
Name of the Vulnerable Software and Affected Versions: Atlassian Crowd versions 3.x.x through 5.x.x before 5.0.3 Atlassian Crowd versions 4.x.x before 4.4.4 Description: The issue is related to errors during the authentication procedure in the Atlassian Crowd data processing product's REST API...
CVE-2022-32404
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/inmates/manageinmate.php:3...
Unbreakable Enterprise kernel security update
4.1.12-124.45.6 - qla2xxx: disable target reset during link reset and update version Quinn Tran Orabug: 32095664 - scsi: qla2xxx: Fix early srb free on abort Quinn Tran Orabug: 32095664 - scsi: qla2xxx: Fix comment in MODULE_PARM_DESC in qla2xxx Masanari Iida Orabug: 32095664 - scsi: qla2xxx: Enabl...
Gurbalib Path Traversal Vulnerability
Gurbalib is an lpmud mudlib game library for DGD drivers from the American software developer Kent Mein. A path traversal vulnerability exists in the lib/cmds/player/help.c file in Gurbalib versions 2020-04-30 and earlier. An attacker can exploit this vulnerability to read the management path...