SUSE-SU-2026:21945-1 Security update for nvidia-open-driver-G06-signed

This update for nvidia-open-driver-G06-signed fixes the following issues: - Get rid of "'naked' return found in MITIGATIONRETHUNK build" objtool warnings bsc1212841, bsc1263834 - update CUDA variant to 580.159.03 - update non-CUDA variant to 580.159.03 bsc1262749 - Fixes CVEs: CVE-2025-33221,...

SUSE-SU-2026:21882-1 Security update for nvidia-open-driver-G06-signed

This update for nvidia-open-driver-G06-signed fixes the following issues: - Get rid of "'naked' return found in MITIGATIONRETHUNK build" objtool warnings bsc1212841, bsc1263834 - update CUDA variant to 580.159.03 - update non-CUDA variant to 580.159.03 bsc1262749 - Fixes CVEs: CVE-2025-33221,...

Security update for busybox, busybox-links

This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: - CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 - CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584 -...

PT-2024-14286 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue is mentioned on Twitter, but details are scarce. A link is provided, but it does not offer additional information about the issue...

Electrolink FM/DAB/TV Transmitter (controlloLogin.js) Credential Disclosure

Electrolink FM/DAB/TV Transmitter controlloLogin.js Credentials Disclosure Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W...

wtms-pdtklg.selangor.gov.my Cross Site Scripting vulnerability OBB-3308590

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

royalevent.themerex.net Cross Site Scripting vulnerability OBB-2773539

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

easuransi-simulasi.rsbindramayu.id Cross Site Scripting vulnerability OBB-2561280

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

irfan.fr Cross Site Scripting vulnerability OBB-2333127

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

overseaspropertylocator.co.uk Cross Site Scripting vulnerability OBB-2311020

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

UBUNTU-CVE-2021-33930

Buffer overflow vulnerability in function poolinstallablewhatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service...

ALBA-2021:3083 gcc-toolset-10-valgrind bug fix and enhancement update

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. Bug fixes: incorrect pkgconfig virtual provides in devel packages BZ1968378 For instructions on usage, see Using GCC Toolset linked from th...

gcc-toolset-10-elfutils bug fix and enhancement update

An update is available for gcc-toolset-10-elfutils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent versio...

python27:2.7 security and bug fix update

python2 2.7.18-4.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 2.7.18-4 - Security fix for CVE-2021-3177 Resolves: rhbz1919163 2.7.18-3 - Fixes for bundling prefix=/app build in gimp/inkscape containers Resolves: rhbz1907592 2.7.18-2 - Security fix for CVE-2020-26116: Reject...

Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow (SEH)

Exploit Title: Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow SEH Exploit Author: Bobby Cooke Date: 2020-04-11 Vendor: Drive Software Company Vendor Site: http://www.drive-software.com Software Download: http://www.drive-software.com/download/freeclock.exe Tested On:...

yum security, bug fix, and enhancement update

createrepoc 0.11.0-3 - Backport patch to switch off timestamps on documentation in order to remove file conflicts RhBug:1738788 0.11.0-2 - Consistently produce valid URLs by prepending protocol. RhBug:1632121 - modifyrepoc: Prevent doubling of compression test.gz.gz RhBug:1639287 - Correct pkg...

patch security and bug fix update

2.7.1-11 - Fixed CVE-2016-10713 - Out-of-bounds access in pchwriteline function - Fixed CVE-2018-6952 - Double free of memory - Resolves: 1626473, honor new file mode 100755 when applying patches - Resolves: 1653294, Added virtual provides for bundled gnulib library...

libsolv: illegal address access in pool_whatprovides in src/pool.h

There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application...

Regular Expression Denial of Service (ReDoS) in lodash

lodash prior to 4.7.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is:...

Mimikatz v2.2.0 - A Post-Exploitation Tool to Extract Plaintexts Passwords, Hash, PIN Code from Memory

mimikatz is a tool I've made to learn C and make somes experiments with Windows security. It's now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets. But that's not all!...