Security update for clamav

This update for clamav fixes the following issues: ClamAV version 1.4.3: CVE-2025-20260: PDF Scanning Buffer Overflow Vulnerability bsc1245054. CVE-2025-20234: Vulnerability in Universal Disk Format UDF processing bsc1245055. Other bugfixes: Fix a race condition between the mockup servers started...

SUSE-SU-2025:02201-1 Security update for clamav

This update for clamav fixes the following issues: ClamAV version 1.4.3: - CVE-2025-20260: PDF Scanning Buffer Overflow Vulnerability bsc1245054. - CVE-2025-20234: Vulnerability in Universal Disk Format UDF processing bsc1245055. Other bugfixes: - Fix a race condition between the mockup servers...

SUSE-SU-2025:02200-1 Security update for clamav

This update for clamav fixes the following issues: ClamAV version 1.4.3: - CVE-2025-20260: PDF Scanning Buffer Overflow Vulnerability bsc1245054. - CVE-2025-20234: Vulnerability in Universal Disk Format UDF processing bsc1245055...

CVE-2024-46993 Electron Vulnerable to Heap Buffer Overflow in NativeImage::CreateFromPath

Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions prior to 28.3.2, 29.3.3, and 30.0.3, the nativeImage.createFromPath and nativeImage.createFromBuffer functions call a function downstream that is vulnerable to a heap...

CVE-2025-0073 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver...

kernel: veth: Fix use after free in XDP_REDIRECT

A use-after-free vulnerability has been identified within the vethconvertskbtoxdpbuff function of the Linux kernel's veth driver. The flaw stems from improper memory management during packet headroom expansion for XDP eXpress Data Path. Specifically, when the pskbexpandhead function allocates new...

CVE-2023-1696

The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability...

CVE-2021-30752

Processing a maliciously crafted image may lead to arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An out-of-bounds read was addressed with improved input validation...

CVE-2021-1754

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2021-1880

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, watchOS 7.4. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2019-17243

IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEGLS+0x0000000000003155...

CVE-2025-45800

TOTOLINK A950RG V4.1.2cu.5204B20210112 contains a command execution vulnerability in the setDeviceName interface of the /lib/cstemodules/global.so library, specifically in the processing of the deviceMac parameter...

CVE-2025-43965

In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used...

CVE-2025-43965

In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used...

Sonos Era 300 资源管理错误漏洞

The Sonos Era 300 is a spatial audio speaker with Dolby Atmos Dolby Atmos from Sonos USA. The Sonos Era 300 suffers from a resource management error vulnerability that originates from SMB data processing without verifying object existence, which could lead to post-release reuse and remote code...

CVE-2025-46393

In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packetsize is mishandled related to the rendering of all channels in an arbitrary order...

CVE-2025-43965

In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used...

CVE-2025-0122 Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through Burst of Crafted Packets

A denial-of-service DoS vulnerability in Palo Alto Networks Prisma® SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet processing capabilities of the device by sending a burst of crafted packets to that device...

CVE-2025-24244

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted font may result in the disclosure of process memory...

Linux Distros Unpatched Vulnerability : CVE-2017-11449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial...