SUSE CVE-2025-40338

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of...

CVE-2025-40338

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization due to the improper validation of AWS Account ID during authentication. An attacker can gain unauthorized access by authenticating with an IAM role from an untrusted AWS account that shares the same role name as ...

freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA

A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the krbCanonicalName for the admin account by default, allowing users to create services with the same canonical name as the REALM admin. When a...

CVE-2024-3099

A vulnerability in mlflow/mlflow version 2.11.1 allows attackers to create multiple models with the same name by exploiting URL encoding. This flaw can lead to Denial of Service DoS as an authenticated user might not be able to use the intended model, as it will open a different model each time...

GHSA-7JRP-R6JX-32CW MoinMoin allows administrative access

MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges...