14 matches found
CVE-2026-32792
NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...
SUSE-SU-2026:21405-1 Security update for container-suseconnect
This update for container-suseconnect fixes the following issues: Changes in container-suseconnect: - switch to build with go 1.25...
SUSE-SU-2026:1488-1 Security update for rekor
This update for rekor rebuilds it against the current go 1.25 security release...
SUSE-SU-2026:1486-1 Security update for cosign
This update for cosign rebuilds it against the current go 1.25 security release...
Security update for container-suseconnect
This update for container-suseconnect rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product:...
Security update for podman
This update for podman rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15....
CVE-2026-22735
Spring MVC and WebFlux applications are vulnerable to stream corruption when using Server-Sent Events SSE. This issue affects Spring Foundation: from 7.0.0 through 7.0.5, from 6.2.0 through 6.2.16, from 6.1.0 through 6.1.25, from 5.3.0 through 5.3.46...
SUSE-SU-2026:0917-1 Security update for kubernetes
This update for kubernetes rebuilds it against the current go 1.25 security release...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.25 (SUSE-SU-2025:4336-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4336-1 advisory. go1.25.5 released 2025-12-02 includes two security fixes to the crypto/x509 package, as well as...
OPENSUSE-SU-2025:15795-1 go1.25-1.25.5-1.1 on GA media
These are all security issues fixed in the go1.25-1.25.5-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2025-56466
Hardcoded credentials in Dietly v1.25.0 for android allows attackers to gain sensitive information...
Mozilla: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10
The Mozilla Foundation Security Advisory describes this flaw as: Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code...
Vulnerability fixed in Cisco ASA
Cisco has fixed a vulnerability in Cisco ASA. A authenticated remote malicious party can exploit the vulnerability exploit the vulnerability to cause a denial-of-service on the system. To do this, the malicious party must send specially prepared network traffic to the vulnerable system. Cisco has...
ThinkPHP SQL Injection Vulnerability (CNVD-2018-21508)
ThinkPHP is an open source, lightweight PHP-based web application development framework. A SQL injection vulnerability exists in ThinkPHP version 5.1.25. A remote attacker can exploit the vulnerability to obtain data...