Fedora 42 : coturn (2026-e673311164)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e673311164 advisory. Coturn 4.10.0 Performance Add Linux-only recvmmsg client receive path for DTLS/UDP listener Skip response buffer allocation for STUN indications...

OPENSUSE-SU-2026:20394-1 Security update for mumble

This update for mumble fixes the following issues: Changes in mumble: - CVE-2025-71264: opus incorrect size calculations allow for an out-of-bounds array access and can lead to a client crash boo1259721 - Update to version 1.5.857: fixes for undesired ACL behavior Client bug fixes: UI, memory...

SUSE-SU-2026:0741-1 Security update for shim

This update for shim fixes the following issues: shim is updated to version 16.1: - shimstartimage: fix guid/handle pairing when uninstalling protocols - Fix uncompressed ipv6 netboot - fix test segfaults caused by uninitialized memory - SbatLevelVariable.txt: minor typo fix. - Realloc needs to...

Unbreakable Enterprise kernel security update

6.12.0-108.64.6.3 - net/rds: Fix issue with a revert in rdssendqueuerm Sharath Srinivasan Orabug: 38937451 6.12.0-108.64.6.2 - Revert 'net/rds: fix crash by expanding kref coverage to rdsincoming.iconn' Sharath Srinivasan Orabug: 38937451 - Revert 'net/rds: expand kref coverage to...

MiracleLinux 7 : firefox-68.11.0-1.0.1.el7.AXS7 (AXSA:2020-256:17)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-256:17 advisory. chromium-browser: Use after free in ANGLE CVE-2020-6463 chromium-browser: Inappropriate implementation in WebRTC CVE-2020-6514 Mozilla: Potential lea...

MiracleLinux 4 : thunderbird-68.11.0-1.AXS4 (AXSA:2020-258:06)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-258:06 advisory. chromium-browser: Use after free in ANGLE CVE-2020-6463 chromium-browser: Inappropriate implementation in WebRTC CVE-2020-6514 Mozilla: Potential lea...

MiracleLinux 9 : kernel-5.14.0-427.35.1.el9_4 (AXSA:2024-8827:29)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8827:29 advisory. kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: nfsd: fix RELEASELOCKOWNER CVE-2024-26629 kernel:...

MiracleLinux 8 : firefox-102.12.0-1.el8.ML.1 (AXSA:2023-6166:23)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6166:23 advisory. Mozilla: Click-jacking certificate exceptions through rendering lag CVE-2023-34414 Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR...

SUSE-SU-2026:20022-1 Security update of valkey

This update for valkey fixes the following issues: Update to 8.0.6: - Security fixes: - CVE-2025-49844: Fixed that a Lua script may lead to remote code execution bsc1250995 - CVE-2025-46817: Fixed that a Lua script may lead to integer overflow and potential RCE bsc1250995 - CVE-2025-46818: Fixed...

Security update for netty, netty-tcnative

This update for netty, netty-tcnative fixes the following issues: Upgrade to upstream version 4.1.126. Security issues fixed: CVE-2025-58057: decompression codecs allocating a large number of buffers after processing specially crafted input can cause a denial of service bsc1249134. CVE-2025-58056...

webkitgtk: processing maliciously crafted web content may lead to an arbitrary code execution

A vulnerability was found in webkitgtk, where a type confusion issue was addressed with improved memory handling. By this security flaw processing maliciously crafted web content may lead to arbitrary code execution...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect bsc1224597...

PT-2025-3052

Name of the Vulnerable Software and Affected Versions visionOS versions prior to 2.2 tvOS versions prior to 18.2 Safari versions prior to 18.2 watchOS versions prior to 11.2 iOS versions prior to 18.2 iPadOS versions prior to 18.2 macOS Sequoia versions prior to 15.2 Description The issue is...

CLSA-2023-1698306895 Fix of 7 CVEs

CVE-2023-0597 // CVE-url: https://ubuntu.com/security/CVE-2023-0597 - x86/kasan: Map shadow for percpu pages on demand - x86/mm: Recompute physical address for every page of per-CPU CEA mapping - x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area - x86/mm: Do not shuffle CPU...

webkitgtk: sensitive information disclosure issue

A vulnerability was found in webkitgtk, where a type confusion issue was addressed with improved memory handling. By this security flaw processing maliciously crafted web content may lead to arbitrary code execution...