17 matches found
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
PT-2025-44964
Name of the Vulnerable Software and Affected Versions Huawei IMS affected versions not specified Description The IMS service contains a potential out-of-bounds write condition resulting from a missing bounds check. Successful exploitation could allow a remote attacker to escalate privileges. An...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
CVE-2025-58755 MONAI has path traversal issue that may lead to arbitrary file writes
MONAI Medical Open Network for AI is an AI toolkit for health care imaging. The extractall function zipfile.extractalloutputdir is used directly to process compressed files. It is used in many places in the project. In versions up to and including 1.5.0, when the Zip file containing malicious...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
Security update for the Linux Kernel
This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...
CVE-2024-32647
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the createfromblueprint builtin can result in a double eval vulnerability when rawargs=True and the args argument has side-effects. It can be seen that the buildcreateIR function of t...
PYSEC-2024-207
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the slice builtin can result in a double eval vulnerability when the buffer argument is either msg.data, self.code or .code and either the start or length arguments have side-effects...
PT-2023-18695 · Aruba · Aruba Instant +1
Name of the Vulnerable Software and Affected Versions: Aruba InstantOS affected versions not specified ArubaOS 10 affected versions not specified Description: Multiple authenticated command injection vulnerabilities exist in the command line interface of the affected software. Successful...
CVE-2022-20964
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. This vulnerability is due to improper validation of user input within requests as part of the...
Vulnerabilities found in GE Cimplicity
The Zero Day Initiative has published information about vulnerabilities in GE's Cimplicity have been published. The vulnerabilities occur during the processing of CIM files. Due to lack of proper initialization of the pointer, a malicious party can execute arbitrary code execute arbitrary code...
Vulnerability discovered in NetApp Clustered Data ONTAP
NetApp has discovered a vulnerability in Clustered Data ONTAP. The vulnerability is located in the version of the provided tool Expat and allows a malicious party to gain access to sensitive data, potentially to manipulate it, or to cause a Denial-of-Service. NetApp has not released any updates a...
Vulnerability found in ProFTPd
A vulnerability has been found in ProFTPd. An unauthenticated malicious party can remotely exploit the vulnerability to cause a denial-of-service attack. No CVE ID issued. ProFTP has not yet released updates to address the vulnerability. fix in ProFTPd...