1051 matches found
MiracleLinux 8 : dotnet8.0-8.0.110-1.el8_10.ML.1 (AXSA:2024-8896:17)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8896:17 advisory. dotnet: kestrel: closing an HTTP/3 stream can cause a race condition and lead to remote code execution CVE-2024-38229 dotnet: Multiple .NET componen...
MiracleLinux 9 : dotnet6.0-6.0.135-1.el9_4.ML.1 (AXSA:2024-8898:17)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8898:17 advisory. dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList CVE-2024-43484 dotnet: Denial of Service in System.Text.Json CVE-2024-43485...
0x20bf (=0.0.1), 31 (=2.3.0) +4282 more potentially affected by CVE-2026-22701 via filelock (>=3.0.10 <=3.20.2)
filelock PYPI version =3.0.10, =0.0.3, =0.1.0, =1.0.5, =0.0.1b1, =0.2.3, =0.2.7 - ac-solver =0.1.0 - acceldata-o2a =1.0.0 and more Source cves: CVE-2026-22701 Source advisory: SNYK:PYTHON-FILELOCK-14912448...
SUSE-SU-2026:0043-1 Security update for qemu
This update for qemu fixes the following issues: Security issues fixed: - CVE-2023-1544: out-of-bounds read in VMWare's paravirtual RDMA device operations can be exploited through a malicious guest driver to crash the QEMU process on the host bsc1209554. - CVE-2024-6505: heap-based buffer overflo...
Security update for cheat (important)
openSUSE Security Update: Security update for cheat Announcement ID: openSUSE-SU-2025:0492-1 Rating: important References: 1247629 1253593 1253922 1254051 Cross-References: CVE-2023-48795 CVE-2025-21613 CVE-2025-21614 CVE-2025-22869 CVE-2025-22870 CVE-2025-47913 CVE-2025-47914 CVE-2025-58181 CVSS...
Exploit for CVE-2025-14847
Eric Capuano^1 posted an excellent blog regarding Mongo...
OPENSUSE-SU-2025:20177-1 Security update for cheat
This update for cheat fixes the following issues: - Security: CVE-2025-47913: Fix client process termination bsc1253593 CVE-2025-58181: Fix potential unbounded memory consumption bsc1253922 CVE-2025-47914: Fix panic due to an out of bounds read bsc1254051 Replace...
SUSE SLES12: postgresql16 / postgresql16-contrib / postgresql16-devel / etc (SUSE-SU-2025:4386-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4386-1 advisory. Upgraded to 16.11: - CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 - CVE-2025-12818:...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.25 (SUSE-SU-2025:4336-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4336-1 advisory. go1.25.5 released 2025-12-02 includes two security fixes to the crypto/x509 package, as well as...
SUSE-SU-2025:4337-1 Security update for go1.24
This update for go1.24 fixes the following issues: go1.24.11 released 2025-12-02 includes two security fixes to the crypto/x509 package, as well as bug fixes to the runtime. bsc1236217 CVE-2025-61727 CVE-2025-61729: go76460 go76445 bsc1254431 security: fix CVE-2025-61729 crypto/x509: excessive...
Security update for go1.25
This update for go1.25 fixes the following issues: go1.25.5 released 2025-12-02 includes two security fixes to the crypto/x509 package, as well as bug fixes to the mime and os packages. bsc1244485 CVE-2025-61729 CVE-2025-61727: go76461 go76445 bsc1254431 security: fix CVE-2025-61729 crypto/x509:...
CVE-2025-14325
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
nodejs:18 security, bug fix, and enhancement update
An update is available for nodejs-packaging, module.nodejs-packaging. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform...
Security Bulletin: A vulnerability in IBM Java Runtime used by the IBM Installation Manager and IBM Packaging Utility
Summary There is a vulnerability in IBM® Runtime Environment Java™ Versions 8 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVE and we recommend updating to the latest version to remediate...
CVE-2025-13633
Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2025-13721
Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-13639
Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...
CVE-2025-13631
Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. Chromium security severity: High...
Advisory ROSA-SA-2025-3091
Software: python3-setuptools 39.2.0 OS: rosa-server79 unaffected versions = python3-setuptools-39.2.0-10.0.5.res7 affected versions python3-setuptools-39.2.0-10.0.5.res7 CVE-ID: CVE-2025-47273 BDU-ID: 2025-08604 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the setuptools project packaging...
com.expediagroup:drone-fly-app (=1.0.9), org.apache.hive:hive-beeline (>=4.0.0 <=4.1.0) +3 more potentially affected by CVE-2025-62728 via org.apache.hive:hive-standalone-metastore-server (>=4.0.0-alpha-1 <=4.1.0)
org.apache.hive:hive-standalone-metastore-server MAVEN version =4.0.0-alpha-1, =4.0.0, =4.0.0, =4.1.0 - org.apache.hive:hive-metastore-packaging =4.1.0 - org.apache.hive:hive-standalone-metastore-rest-catalog =4.1.0 Source cves: CVE-2025-62728 Source advisory: SNYK:JAVA-ORGAPACHEHIVE-14136073...