572 matches found
AZL-75107 CVE-2023-53509 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: qed: allow sleep in qedmcptracedump By default, qedmcpcmdandunion delays 10us at a time in a loop that can run 500K times, so calls to qedmcpnvmrdcmd may block the current thread for over 5s. We observed thread scheduling delays...
CLSA-2025-1759167661 git: Fix of CVE-2025-46835
CVE-2025-46835: prevent malicious creating and overwriting of user's files...
CVE-2023-53431
The CVE-2023-53431 entry concerns Linux kernel SCSI SES: the fix ensures graceful handling when an enclosure has a primary component but no secondary components. Previously, devices with one primary enclosure and zero secondary enclosures could cause ses_intf_add() to bail, potentially triggering...
UBUNTU-CVE-2023-53397
In the Linux kernel, the following vulnerability has been resolved: modpost: fix off by one in isexecutablesection The comparison should be = to prevent an out of bounds array access...
CVE-2025-39795 block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...
UBUNTU-CVE-2025-39763
In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered If a synchronous error is detected as a result of user-space process triggering a 2-bit uncorrected error, the CPU will take a synchronous error...
kasan: remove kasan_find_vm_area() to prevent possible deadlock
...
vmci: Prevent the dispatching of uninitialized payloads
...
dlm: prevent NPD when writing a positive value to event_done
...
Security update for munge
This update for munge fixes the following issues: Make logrotate work on log as user munge to prevent local privilege escalation bsc1246088. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
CVE-2025-53561
CVE-2025-53561: Path traversal vulnerability in WordPress plugin Prevent files / folders access (
CVE-2025-53561 WordPress Prevent files / folders access Plugin <= 2.6.0 - Path Traversal Vulnerability
Path Traversal: '.../...//' vulnerability in miniOrange Prevent files / folders access prevent-file-access allows Path Traversal.This issue affects Prevent files / folders access: from n/a through = 2.6.0...
WordPress plugin Prevent files / folders access security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
bcache: fix NULL pointer in cache_set_flush()
...
kernel: nvme-tcp: sanitize request list handling
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvmetcphandler2t to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing...
SUSE CVE-2025-38436
In the Linux kernel, the following vulnerability has been resolved: drm/scheduler: signal scheduled fence when kill job When an entity from application B is killed, drmschedentitykill removes all jobs belonging to that entity through drmschedentitykilljobswork. If application A's job depends on a...
Unlocking the Power of Amazon Security Lake for Proactive Security
Security is a central challenge in modern application development and maintenance, requiring not just traditional practices but also a deep understanding of application architecture and data flow. While organizations now have access to rich data like logs and telemetry, the real challenge lies in...
CVE-2025-38230
In the Linux kernel, the following vulnerability has been resolved: jfs: validate AG parameters in dbMount to prevent crashes Validate dbagheight, dbagwidth, and dbagstart in dbMount to catch corrupted metadata early and avoid undefined behavior in dbAllocAG. Limits are derived from L2LPERCTL,...
CVE-2025-38230
In the Linux kernel, the following vulnerability has been resolved: jfs: validate AG parameters in dbMount to prevent crashes Validate dbagheight, dbagwidth, and dbagstart in dbMount to catch corrupted metadata early and avoid undefined behavior in dbAllocAG. Limits are derived from L2LPERCTL,...
CVE-2025-46708
Software installed and running inside a Guest VM may conduct improper GPU system calls to prevent other Guests from running work on the GPU...