CVE-2025-34212

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 VA/SaaS deployments possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature...

CVE-2025-34212 Vasion Print (formerly PrinterLogic) Insecure Build Pipeline

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 VA/SaaS deployments possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature...

CVE-2025-34212

CVE-2025-34212 involves Vasion Print (Virtual Appliance Host and App) with CI/CD weaknesses in VA/SaaS deployments prior to versions 22.0.843 and 20.0.1923. The build process pulls an unverified third‑party image, downloads the VirtualBox Extension Pack over HTTP without signature validation, and...

PT-2025-39881

Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 22.0.843 Vasion Print Application versions prior to 20.0.1923 Description The Vasion Print Virtual Appliance Host and Application have weaknesses in their CI/CD processes. The build process retrieves an unverifie...

Security update for the Linux Kernel (Live Patch 60 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059215 fixes one issue. The following security issue was fixed: CVE-2025-38498: dochangetype: refuse to operate on unmounted/not ours mounts bsc1247499. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-150700536 fixes several issues. The following security issues were fixed: CVE-2025-38498: dochangetype: refuse to operate on unmounted/not ours mounts bsc1247499. CVE-2025-38555: usb: gadget : fix use-after-free in compositedevcleanup bsc1248298. Patch...

SUSE SLES12 Security Update : kernel (Live Patch 64 for SLE 12 SP5) (SUSE-SU-2025:03342-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03342-1 advisory. This update for the Linux Kernel 4.12.14-122244 fixes several issues. The following security issues were fixed: - CVE-2025-38177: schhfsc: mak...

CVE-2025-58649

Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Retrieve Embedded Sensitive Data.This issue affects All In One SEO Pack: from n/a through = 4.8.7.1...

SUSE-SU-2025:03350-1 Security update for the Linux Kernel (Live Patch 67 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122255 fixes several issues. The following security issues were fixed: - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. - CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. - CVE-2025-38498: dochangetype:...

SUSE-SU-2025:03341-1 Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: - CVE-2024-49860: ACPI: sysfs: validate return type of STR method bsc1231862. - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. - CVE-2025-38109: net/mlx5: fix ECVF...

SUSE SLES15 Security Update : kernel (SUSE-SU-2025:03314-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03314-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: ...

Security Bulletin: TS4500 Tape Library/Diamondback Tape Library addresses security vulnerability CVE-2025-36088

Summary The web GUI did not sufficiently sanitize user input in certain dialogs, allowing HTML or JavaScript to be stored and later displayed to other users. Malicious code would only execute if a user opened the affected event entry. The issue has been resolved by adding proper input sanitizatio...

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Apache Commons Lang which is vulnerable to CVE-2025-48924

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Apache Commons Lang. which is vulnerable to CVE-2025-48924. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled...

CVE-2025-58649

Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Retrieve Embedded Sensitive Data.This issue affects All In One SEO Pack: from n/a through = 4.8.7.1...

CVE-2025-58649 WordPress All In One SEO Pack Plugin <= 4.8.7.1 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Retrieve Embedded Sensitive Data.This issue affects All In One SEO Pack: from n/a through = 4.8.7.1...

CVE-2025-58650 WordPress All In One SEO Pack Plugin <= 4.8.7.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All In One SEO Pack: from n/a through = 4.8.7.1...

CVE-2025-58650 WordPress All In One SEO Pack Plugin <= 4.8.7.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All In One SEO Pack: from n/a through = 4.8.7.1...

Security Bulletin: IBM Master Data Management is vulnerable to arbitrary code execution from vulnerability in WebSphere Application Server (CVE-2025-36038)

Summary IBM Master Data Management is vulnerable to arbitrary code execution by a vulnerability found in IBM WebSphere Application Server. IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of...

PT-2025-38938

Name of the Vulnerable Software and Affected Versions Syed Balkhi All In One SEO Pack versions through 4.8.7 Description A flaw exists in Syed Balkhi All In One SEO Pack that allows retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Upda...

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50211: md-raid10: fix KASAN warning bsc1245140. CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor bsc1242780...