
1847 matches found

RedhatCVE
added 2026/01/09 9:14 a.m. | 5 views

CVE-2022-23627

ArchiSteamFarm ASF is a C# application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code, introduced in version V5.2.2.2, the program didn't adequately verify effective access of the user sending proxy i.e. Bots commands. In particular, a...

6.8 CVSS | 6.8 AI score | 0.00696 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 8:54 a.m. | 6 views

CVE-2021-41228

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's saved_model_cli tool is vulnerable to a code injection as it calls eval on user supplied strings. This can be used by attackers to run arbitrary code on the platform where the CLI tool runs. However, given...

7.8 CVSS | 7.3 AI score | 0.0004 EPSS
Exploits: 1 | References: 1

Tenable Nessus
added 2025/12/31 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-50844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Fix type of second parameter in odneditdpmtable callback With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are...

6.1 AI score | 0.00032 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2025/12/30 12:0 a.m. | 1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992398)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992398 advisory. In the Linux kernel, the following vulnerability has been resolved: ca8210: fix maclen negative array access This patch fixes a buffer overflow access of skb-data if...

5.5 CVSS | 6.4 AI score | 0.00073 EPSS
Exploits: 0 | References: 4

OSV
added 2025/12/24 9:11 a.m. | 2 views

CLSA-2025-1766567499 Fix CVE(s): CVE-2020-1472

SECURITY UPDATE: elevation of privilege vulnerability - debian/patches/CVE-2020-1472.patch: fix vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NRPC - CVE-2020-1472...

10 CVSS | 7 AI score | 0.9438 EPSS
Exploits: 75 | References: 1

SUSE Linux
added 2025/12/15 10:34 a.m. | 4 views

Security update for unbound

This update for unbound fixes the following issues: CVE-2025-11411: Fixed domain hijacking due to promiscuous records bsc1252525 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

7.1 CVSS | 6.9 AI score | 0.00056 EPSS
Exploits: 0 | References: 4

SUSE Linux
added 2025/12/10 10:34 a.m. | 5 views

Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method bsc1238879 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.5 CVSS | 9 AI score | 0.00121 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2025/12/10 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-53792

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvme-core: fix memory leak in dhchapctrlsecret Free dhchapsecret in nvmectrldhchapctrlsecretstore before we return when nvmeauthgeneratekey returns error...

7.4 AI score | 0.00028 EPSS
Exploits: 0 | References: 3

OSV
added 2025/12/08 10:20 p.m. | 2 views

GHSA-V959-QXV6-6F8P ZITADEL Vulnerable to Account Takeover via DOM-Based XSS in Zitadel V2 Login

Summary A potential vulnerability exists in ZITADEL's logout endpoint in login V2. This endpoint accepts several parameters including a postlogoutredirect. When this parameter is specified, users will be redirected to the site that is provided via this parameter. ZITADEL's login UI did not ensure...

8 CVSS | 7 AI score | 0.00044 EPSS
Exploits: 0 | References: 4

OSV
added 2025/12/03 7:7 p.m. | 1 views

GHSA-9QR9-H5GF-34MP Next.js is vulnerable to RCE in React flight protocol

A vulnerability affects certain React packages1 for versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 and frameworks that use the affected packages, including Next.js 15.x and 16.x using the App Router. The issue is tracked upstream as CVE-2025-55182. Fixed in: React: 19.0.1, 19.1.2, 19.2.1 Next.js:...

10 CVSS | 5.9 AI score | 0.8516 EPSS
Exploits: 364 | References: 5

Ubuntu
added 2025/12/02 1:15 p.m. | 6 views

USN-7855-2: Unbound regression

USN-7855-1 fixed vulnerabilities in Unbound. It was discovered that the fix for CVE-2025-11411 was incomplete. This update fixes the problem. Original advisory details: Yuxiao Wu, Yunyi Zhang, Baojun Liu, and Haixin Duan discovered that Unbound incorrectly handled certain promiscuous NS RRSets. A...

7.1 CVSS | 6.7 AI score | 0.00056 EPSS
Exploits: 0 | References: 1

Positive Technologies
added 2025/11/14 12:0 a.m. | 3 views

PT-2025-46990

Name of the Vulnerable Software and Affected Versions CodeAstro Gym Management System version 1.0 Description A security flaw exists in CodeAstro Gym Management System version 1.0. The issue involves a SQL injection impacting an unknown function within the /admin/view-member-report.php file...

6.5 CVSS | 7.4 AI score | 0.00029 EPSS
Exploits: 0 | References: 8

SUSE Linux
added 2025/11/10 2:4 p.m. | 3 views

Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.144 fixes various security issues The following security issues were fixed: CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019...

7.3 CVSS | 7 AI score | 0.00046 EPSS
Exploits: 0 | References: 22

Positive Technologies
added 2025/11/10 12:0 a.m. | 3 views

PT-2025-46192

Name of the Vulnerable Software and Affected Versions ktg-mes versions prior to commit a484f96 2025-07-03 Description The software contains a fastjson deserialization issue. This occurs due to the use of a vulnerable version of fastjson and the deserialization of untrusted input data...

6.7 AI score | 0.00137 EPSS
Exploits: 1 | References: 4

Amazon
added 2025/11/10 12:0 a.m. | 3 views

Important: kernel-livepatch-6.12.40-64.114

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bamdma: Fix DT error handling for num-channels/ees...

7.8 CVSS | 7.8 AI score | 0.00032 EPSS
Exploits: 0

Positive Technologies
added 2025/11/04 12:0 a.m. | 3 views

PT-2025-45053

Name of the Vulnerable Software and Affected Versions ClipBucket versions 5.5.2 through 5.5.2-147 Description ClipBucket v5 is a video sharing platform that has a stored Cross-Site Scripting XSS issue within its Collection tags feature. A normal, authenticated user can create a tag containing HTM...

5.4 CVSS | 5.9 AI score | 0.00027 EPSS
Exploits: 1 | References: 4

IBM Security Bulletins
added 2025/10/31 2:11 p.m. | 10 views

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition (CVE-2025-53066, CVE-2025-53057)

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their October 2025 Critical Patch Update. For more information please refer to Oracle's October 2025 CPU Advisory and the CVE links referenced below. Vulnerability Details...

7.5 CVSS | 7.1 AI score | 0.00068 EPSS
Exploits: 0 | Affected Software: 1

Patchstack
added 2025/10/29 9:25 a.m. | 7 views

WordPress WooCommerce plugin <= 7.8.2 - Sensitive Information Exposure vulnerability

Sensitive Information Exposure vulnerability discovered by osama-hamad in WordPress Plugin WooCommerce versions <= 7.8.2...

5.3 CVSS | 6.9 AI score | 0.00048 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2025/10/28 10:15 a.m. | 1 views

UBUNTU-CVE-2025-40025

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer for non inode dnode As syzbot reported below: ------------ cut here ------------ kernel BUG at fs/f2fs/file.c:1243! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI CPU: 0 UID: 0 PID: 5354...

5.7 AI score | 0.00027 EPSS
Exploits: 0 | References: 7

EUVD
added 2025/10/24 6:30 p.m. | 2 views

EUVD-2022-54538

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Calico cloud environment. We found that a BPF program was doing a socket lookup which takes a refcnt on the socket and that it was findin...

5.5 CVSS | 5.3 AI score | 0.00136 EPSS
Exploits: 0 | References: 6