CVE-2026-39382
dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. Inside the reusable workflow dbt-labs/actions/blob/main/.github/workflows/open-issue-in-repo.yml, the prep job uses peter-evans/find-comment to search for an...
SUSE-SU-2025:02507-1 Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234854). - CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238920). - CVE-2024-53214:...
CVE-2025-52968
xdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which can facilitate CSRF. For example, xdg-open could be modified to, by default, associate x-scheme-handler/https with the execution of a browser with command-line options that arrange for an empty cookie...
MAL-2025-2264 Malicious code in linear-open-issue (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1a73eff632d074d970750852ec6e11f70aff4d2291553664b9f84289a189191e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in linear-open-issue (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1a73eff632d074d970750852ec6e11f70aff4d2291553664b9f84289a189191e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
OESA-2025-1191 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during th...
CVE-2024-53173 NFSv4.0: Fix a use-after-free problem in the asynchronous open()
In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open(). Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs_release_seqid() in...
AZL-8483 CVE-2022-24448 affecting package kernel for versions less than 5.15.26.1-1
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in...
CVE-2018-19219
In LibSass 3.5-stable, there is an illegal address access at Sass::Eval::operator that will lead to a DoS attack...
CVE-2018-19218
In LibSass 3.5-stable, there is an illegal address access at Sass::Parser::parse_css_variable_value_token that will lead to a DoS attack...
Samba security vulnerabilities
smbclient format string vulnerability, ability to change file permissions if file is already open...