SUSE-SU-2025:4258-1 Security update for python312

This update for python312 fixes the following issues: Update to 3.12.12: - CVE-2025-6075: Fixed quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Other...

Siemens SIMATIC S7-1500 Generation of Error Message Containing Sensitive Information (CVE-2022-0563)

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an INPUTRC environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the...

JLSEC-2025-191 A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from t...

EUVD-2001-0375

Malware in sbrugna...

EUVD-2012-0255

Malware in sbrugna...

EUVD-2014-2560

Malware in sbrugna...

EUVD-2006-4797

Malware in sbrugna...

EUVD-2015-8781

Malware in sbrugna...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: socat (UTSA-2025-986111)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986111 advisory. readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file. Tenable has extracted the preceding description block directly from the Unity Linux securit...

EUVD-2022-15682

Malicious code in bioql PyPI...

[SECURITY] Fedora 41 Update: linenoise-1.0-9.20200312git97d2850.fc41

Linenoise is a replacement for the readline line-editing library with the goal of being smaller...

[SECURITY] Fedora 42 Update: linenoise-1.0-12.20200312git97d2850.fc42

Linenoise is a replacement for the readline line-editing library with the goal of being smaller...

Linux Distros Unpatched Vulnerability : CVE-2022-0563

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an INPUTRC environment variable to get...

Linux Distros Unpatched Vulnerability : CVE-2024-28583

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to execute arbitrary code via the readLine function when reading...

[SECURITY] Fedora 41 Update: socat-1.8.0.3-1.fc41

Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc., th...

[SECURITY] Fedora 42 Update: socat-1.8.0.3-1.fc42

Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc., th...

TencentOS Server 3: socat (TSSA-2025:0680)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0680 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

MAL-2025-16198 Malicious code in browser-readline (npm)

The package browser-readline was found to contain malicious code...

Malicious code in browser-readline (npm)

The package browser-readline was found to contain malicious code...

socat: arbitrary file overwrite via predictable /tmp directory

A flaw was found in the readline.sh script of Socat through version 1.8.0.1. This vulnerability can allow attackers to exploit improper use of a predictable temporary file...