SUSE CVE-2026-32769

Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. The flawed inter-ns NetworkPolicy breaks the...

EUVD-2022-29940

Malicious code in bioql PyPI...

CVE-2023-53516 macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF

In the Linux kernel, the following vulnerability has been resolved: macvlan: add forgotten nlapolicy for IFLAMACVLANBCCUTOFF The previous commit 954d1fa1ac93 "macvlan: Add netlink attribute for broadcast cutoff" added one additional attribute named IFLAMACVLANBCCUTOFF to allow broadcast cutfoff...

SUSE SLES12 Security Update : kernel (SUSE-SU-2025:03204-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03204-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

SUSE-SU-2025:03204-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49967: bpf: Fix a data-race around bpfjitlimit bsc1244964. - CVE-2022-49975: bpf: Don't redirect packets with invalid pktlen bsc1245196. - CVE-2022-49980:...

PT-2024-41394 · Suse · Webkit2Gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.46.3 bsc1232747: - CVE-2024-44244: Processing maliciously crafted web content may lead to an unexpected process crash. - CVE-2024-44296: Processing maliciously crafted web content may prevent Content Security Policy from...

GHSA-XMP3-7745-G4VJ ezsystems/ez-support-tools Failing access control in system info view

This Security Advisory is about a vulnerability in ezsystems/ez-support-tools v2.2, part of Ibexa DXP v3.2. Older versions are not affected. A user having insufficient permissions is able to access the system information tabs if they type in the direct link the link is not shown in the menu. The...

SUSE CVE-2023-34091

Kyverno is a policy engine designed for Kubernetes. In versions of Kyverno prior to 1.10.0, resources which have the deletionTimestamp field defined can bypass validate, generate, or mutate-existing policies, even in cases where the validationFailureAction field is set to Enforce. This situation...

SUSE-SU-2023:2077-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.38.6 bsc1210731: - CVE-2022-0108: Fixed information leak. - CVE-2022-32885: Fixed arbitrary code execution. - CVE-2023-25358: Fixed use-after-free vulnerability in WebCore::RenderLayer. - CVE-2023-27932: Fixed Same Origin...

CLSA-2023-1682604577 Fix of 53 CVEs

CVE-2022-1198 - drivers: hamradio: 6pack: fix UAF bug caused by modtimer Bionic update: upstream stable patchset 2022-03-04 LP: 1963717 // CVE-2020-36516 - ipv4: avoid using shared IP generator for connected sockets CVE-2022-36879 - xfrm: xfrmpolicy: fix a possible double xfrmpolsput in...

SUSE-SU-2022:3441-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated from 102.2.0esr to 102.3.0esr bsc1203477: - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. -...

cockpit security, bug fix, and enhancement update

264.1-1.0.1 - Remove duplicate reference to server in cockpit Orabug: 33862832 - Update documentation links Orabug: 32795691 - Make documentation links point to Oracle Linux information Orabug: 30271413 Orabug: 32013095 - Fix rendering of hwinfo page on systems with some empty memory slots Orabug...