Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple watchOS is an operating system for smart watches. Several Apple products have security vulnerabilities; these...

Debian dsa-6227 : charon-cmd - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6227 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6227-1 [email protected]...

Oracle多款产品 安全漏洞

Oracle Java SE, among others, are products of Oracle Corporation in the United States. Oracle Java SE is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. Oracle GraalVM for JDK is a high-performance, multi-language runtime an...

SUSE-SU-2026:1375-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: Security issues fixed: - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. - CVE-2026-28389: Possible NULL dereference when processing CM...

CVE-2026-40719

Deadwood in MaraDNS 3.5.0036 allows attackers to exhaust connection slots via a zone whose authoritative nameserver address cannot be resolved...

CVE-2026-24030

An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly...

Guest processing fails for Nutanix AHV, Proxmox VE, Scale Computing HyperCore

Challenge When running backup or replication jobs for Windows virtual machines hosted on Nutanix AHV, Proxmox VE, or Scale Computing HyperCore with Veeam Backup & Replication 13.0.1 Patch 2, guest processing fails with one of the following errors: Failed to install guest processing components for...

PT-2026-28384

Name of the Vulnerable Software and Affected Versions Tandoor Recipes versions prior to 2.6.0 Description The application is designed for managing recipes, planning meals, and creating shopping lists. Prior to version 2.6.0, the image processing pipeline does not remove EXIF metadata, rescale...

About the security content of iOS 18.7.7 and iPadOS 18.7.7

About the security content of iOS 18.7.7 and iPadOS 18.7.7 About the security content of iOS 18.7.7 and iPadOS 18.7.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or release...

USN-8081-1 libpng vulnerabilities

It was discovered that libpng did not properly handle memory when processing certain PNG files. An attacker could possibly use this issue to cause libpng to crash, resulting in a denial of service, or disclose sensitive information. CVE-2025-64505 Joshua Inscoe discovered that libpng did not...

ALSA-2026:2920 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 grafana/grafana/pkg/services/dashboards: Grafana...

PT-2026-7252

Name of the Vulnerable Software and Affected Versions Simcenter Femap versions prior to 2512 Simcenter Nastran versions prior to 2512 Description The applications contain an out of bounds write issue when processing specially created XDB files. Successful exploitation could allow an attacker to...

USN-8007-1 imagemagick vulnerabilities

It was discovered that ImageMagick incorrectly handled image depth values when processing MIFF image files. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. CVE-2025-43965 It was discovered that ImageMagick incorrectly processed SVG images and MSL...

MiracleLinux 7 : binutils-2.27-34.base.el7 (AXSA:2018-3397:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3397:04 advisory. binutils: Improper bounds check in coffgen.c:coffpointerizeaux allows for denial of service when parsing a crafted COFF file CVE-2018-7208 binutils:...

CVE-2021-31013

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. Processing a maliciously crafted font may result in the disclosure of process memory...

CVE-2022-35088

SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow via getGifDelayTime at /home/bupt/Desktop/swftools/src/src/gif2swf.c...

CVE-2019-20496

cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log processing SEC-532...

SUSE SLES12 Security Update : python36 (SUSE-SU-2025:4487-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4487-1 advisory. - CVE-2025-6075: quadratic complexity in os.path.expandvars can lead to performance degradation when values passed to it are user-controlled...

TencentOS Server 4: gimp (TSSA-2025:0601)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0601 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Security Bulletin: multiple vulerability in IBM Spectrum Symphony with Bouncy Castle Java TLS API

Summary multiple vulerability in IBM Spectrum Symphony with Bouncy Castle Java TLS API Vulnerability Details CVEID:CVE-2024-30172 DESCRIPTION: An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature...