yesolpress.com Cross Site Scripting vulnerability OBB-4041693

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122225 fixes several issues. The following security issues were fixed: CVE-2024-41062: Sync sock recv cb and release bsc1228578. CVE-2022-48791: Fix use-after-free for aborted TMF sastask bsc1228002 Patch Instructions: To install this SUSE update use the...

Important: kernel-livepatch-5.10.234-225.895

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: sched: schcake: add bounds checks to host bulk flow fairness counts CVE-2025-21647 In the Linux kernel, the following vulnerability has been resolved: pfifotailenqueue: Drop new packet when sch-limit == 0...

PT-2025-14427 · Unknown · M. Tuhin Ultimate Push Notifications

Name of the Vulnerable Software and Affected Versions: M. Tuhin Ultimate Push Notifications versions n/a through 1.1.8 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection...

Important: kernel-livepatch-5.10.233-223.887

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: sched: schcake: add bounds checks to host bulk flow fairness counts CVE-2025-21647 In the Linux kernel, the following vulnerability has been resolved: pfifotailenqueue: Drop new packet when sch-limit == 0...

PT-2025-14424 · Rsvpmaker · Rsvpmaker

Name of the Vulnerable Software and Affected Versions: RSVPMarker versions n/a through 11.4.8 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: For...

Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. CVE-2024-41062: Sync sock recv cb and release bsc1228578. Patch Instructions: To install this SUSE update use the SUSE...

Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001017 fixes one issue. The following security issue was fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. CVE-2024-41062: Sync sock recv cb and release bsc1228578. Patch Instructions: To install this SUSE update use the SUSE...

yumaenergyinc.com Cross Site Scripting vulnerability OBB-4041398

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

agripressworld.com Cross Site Scripting vulnerability OBB-4041161

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2025-21875

In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in the PM control path: WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sockownedbyme include/net/sock.h:1711 inline WARNING: CP...

RHEL 8 / 9 : Red Hat JBoss Enterprise Application Platform 8.0.6 (RHSA-2025:3357)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3357 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This...

Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001023 fixes one issue. The following security issue was fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

SUSE CVE-2025-21869

In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Erhard reports the following KASAN hit on Talos II power9 with kernel 6.13: 12.028126 ==================================================================...

CVE-2025-2885

Missing validation of the root metatdata version number could allow an actor to supply an arbitrary version number to the client instead of the intended version in the root metadata file, altering the version fetched by the client. Users should upgrade to tough version 0.20.0 or later and ensure...

CVE-2025-2887 Failure to detect delegated target rollback in tough

During a target rollback, the client fails to detect the rollback for delegated targets. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough version 0.20.0 or later and ensure any forked or derivative code is patched ...

buecher.de Cross Site Scripting vulnerability OBB-4040874

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DEBIAN-CVE-2025-21869

In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Erhard reports the following KASAN hit on Talos II power9 with kernel 6.13: 12.028126 ==================================================================...

CVE-2025-21869

In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Erhard reports the following KASAN hit on Talos II power9 with kernel 6.13: 12.028126 ==================================================================...