479 matches found
SUSE-SU-2025:02162-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing...
SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP6) (SUSE-SU-2025:02126-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02126-1 advisory. This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet:...
Debian dsa-5949 : libxml2 - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5949 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5949-1 [email protected] https://www.debian.org/securit...
[SECURITY] [DSA 5949-1] libxml2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5949-1 [email protected] https://www.debian.org/security/ Aron Xu June 26, 2025 https://www.debian.org/security/faq - -------------------------------------------------------------------------...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : GSS NTLMSSP vulnerabilities (USN-7588-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7588-1 advisory. Phil Turnbull discovered that GSS NTLMSSP may perform out-of-bounds reads when decoding NTLM fields and target...
Google Chrome Resource Management Error Vulnerability (CNVD-2025-14266)
Google Chrome is a popular web browser. A security vulnerability exists in Google Chrome V8, which originates from re-referencing or using freed memory, and can be exploited by a remote attacker to submit a special WEB request that can be tricked into being parsed by the user, which can cause the...
USN-7589-1 gnuplot vulnerabilities
Tim Blazytko, Cornelius Aschermann, Sergej Schumilo, and Nils Bars discovered that Gnuplot had several memory-related issues. An attacker could possibly use these issues to cause Gnuplot to experience a buffer overflow, resulting in a denial of service or arbitrary code execution. These issues on...
USN-7589-1: Gnuplot vulnerabilities
Tim Blazytko, Cornelius Aschermann, Sergej Schumilo, and Nils Bars discovered that Gnuplot had several memory-related issues. An attacker could possibly use these issues to cause Gnuplot to experience a buffer overflow, resulting in a denial of service or arbitrary code execution. These issues on...
SUSE-SU-2025:02055-1 Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: - CVE-2024-47537: Fixed OOB-write in isomp4/qtdemux.c bsc1234414 - CVE-2024-47539: Fixed OOB-write in converttos3341a bsc1234417 - CVE-2024-47540: Fixed uninitialized stack memory in Matroska/WebM demuxer bsc1234421 -...
CVE-2022-50183 drm/meson: encoder_cvbs: Fix refcount leak in meson_encoder_cvbs_init
In the Linux kernel, the following vulnerability has been resolved: drm/meson: encodercvbs: Fix refcount leak in mesonencodercvbsinit ofgraphgetremotenode returns remote device nodepointer with refcount incremented, we should use ofnodeput on it when done. Add missing ofnodeput to avoid refcount...
CVE-2022-49958 net/sched: fix netdevice reference leaks in attach_default_qdiscs()
In the Linux kernel, the following vulnerability has been resolved: net/sched: fix netdevice reference leaks in attachdefaultqdiscs In attachdefaultqdiscs, if a dev has multiple queues and queue 0 fails to attach qdisc because there is no memory in attachonedefaultqdisc. Then dev-qdisc will be...
TencentOS Server 3: python-pillow (TSSA-2022:0012)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0012 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: tigervnc (TSSA-2023:0044)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0044 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Important: firefox
Issue Overview: An attacker was able to perform an out-of-bounds read or write on a JavaScript Promise object. This vulnerability affects Firefox 138.0.4, Firefox ESR 128.10.1, and Firefox ESR 115.23.1. CVE-2025-4918 An attacker was able to perform an out-of-bounds read or write on a JavaScript...
Advisory ROSA-SA-2025-2887
Software: ghostscript 9.27 OS: ROSA Virtualization 3.0 packageevrstring: ghostscript-9.27-16.0.1.rv30 CVE-ID: CVE-2020-27792 BDU-ID: 2023-09076 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the lp8000printpage function of the gdevlp8k.c component of the Ghostscript document processing software...
NewStart CGSL MAIN 7.02 : openssl Multiple Vulnerabilities (NS-SA-2025-0049)
The remote NewStart CGSL host, running version MAIN 7.02, has openssl packages installed that are affected by multiple vulnerabilities: - Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes...
Tenable Security Center Multiple Vulnerabilities (TNS-2025-09)
According to its self-reported version, the Tenable Security Center running on the remote host is prior to 6.6.0 and missing relevant patches. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2025-09 advisory. - In SQLite 3.44.0 through 3.49.0 before 3.49.1, the...
RHEL 9 : kernel (RHSA-2025:6966)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:6966 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm: nv04: Fix out of bounds...
CVE-2024-27227
A malicious DNS response can trigger a number of OOB reads, writes, and other memory issues...
CVE-2021-23047
On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, and all versions of 13.1.x, 12.1.x and 11.6.x, when BIG-IP APM performs Online Certificate Status Protocol OCSP verification of a certificate that contains Authority Information Access AIA, undisclosed requests may cau...