CVE-2025-33219

CVE-2025-33219 affects the NVIDIA Display Driver for Linux and its kernel module. The vulnerability is an integer overflow/wraparound in the NVIDIA kernel module, which could lead to code execution, privilege escalation, data tampering, DoS, or information disclosure. The CVSS indicates local acc...

CVE-2025-33219

NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or informatio...

CVE-2025-33219

NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or informatio...

EUVD-2025-206465

NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or informatio...

CVE-2026-24685

CVE-2026-24685 affects OpenProject prior to 16.6.6 and 17.0.2. The vulnerability arises in the repository diff download endpoint when rendering a single revision with git show; an attacker can inject git show options by supplying a crafted rev (e.g., rev=--output=/tmp/poc.txt), causing OpenProjec...

Cross-site Scripting (XSS)

Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the module friendlyName. An attacker can execute arbitrary scripts in the context of a user's browser...

DotNetNuke.Core Vulnerable to Stored XSS in Module Deletion Confirmation Modal

A module friendly name could include scripts that will run during some module operations in the Persona Bar...

GHSA-VM5Q-8QWW-H238 DotNetNuke.Core Vulnerable to Stored XSS in Module Deletion Confirmation Modal

A module friendly name could include scripts that will run during some module operations in the Persona Bar...

Cross-site Scripting (XSS)

Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the header and footer fields of modules. An attacker can execute arbitrary scripts in the context of...

DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer

A content editor could inject scripts in module headers/footers that would run for other users...

GHSA-JJWG-4948-6WXP DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer

A content editor could inject scripts in module headers/footers that would run for other users...

Security update for kubernetes

This update for kubernetes rebuilds it against the current GO security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: Containers Module...

SUSE-SU-2026:20171-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes various security issues The following security issues were fixed: - CVE-2025-39963: iouring: fix incorrect iokiocb reference in iolinkskb bsc1251982. - CVE-2025-40204: sctp: Fix MAC comparison to be constant-time bsc1253437....

CVE-2025-59473

SQL Injection vulnerability in the Structure for Admin authenticated user...

CVE-2026-24850

The ML-DSA crate is a Rust implementation of the Module-Lattice-Based Digital Signature Standard ML-DSA. Starting in version 0.0.4 and prior to version 0.1.0-rc.4, the ML-DSA signature verification implementation in the RustCrypto ml-dsa crate incorrectly accepts signatures with repeated duplicat...

CVE-2026-24838

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to versions 9.13.10 and 10.2.0, module title supports richtext which could include scripts that would execute in certain scenarios. Versions 9.13.10 and 10.2.0 contain a fix for the iss...

Cross-site Scripting (XSS)

Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the description field in the module installation process. An attacker can execute arbitrary scripts ...

kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGACMDMAXDATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access...

CVE-2026-24850 ML-DSA Signature Verification Accepts Signatures with Repeated Hint Indices

The ML-DSA crate is a Rust implementation of the Module-Lattice-Based Digital Signature Standard ML-DSA. Starting in version 0.0.4 and prior to version 0.1.0-rc.4, the ML-DSA signature verification implementation in the RustCrypto ml-dsa crate incorrectly accepts signatures with repeated duplicat...

CVE-2026-24850

The ML-DSA crate is a Rust implementation of the Module-Lattice-Based Digital Signature Standard ML-DSA. Starting in version 0.0.4 and prior to version 0.1.0-rc.4, the ML-DSA signature verification implementation in the RustCrypto ml-dsa crate incorrectly accepts signatures with repeated duplicat...