30 matches found
OPENSUSE-SU-2026:20262-1 Security update for docker-stable
This update for docker-stable fixes the following issues: - Enable SELinux in default daemon.json config (--selinux-enabled). This has no practical impact on non-SELinux systems (bsc#1252290). - Remove git-core recommends on SLE. Most SLE systems have installRecommends=yes by default and thus end up...
SUSE-SU-2025:03540-1 Security update for docker-stable
This update for docker-stable fixes the following issues: - Include historical changelog data from before the docker-stable fork. The initial changelog entry did technically provide all the necessary information, but our CVE tracking tools do not understand how the package is forked and so it see...
SUSE-SU-2025:20394-1 Security update for less
This update for less fixes the following issues: - Updated to version 668 Fixed crash when using --header on command line Fixed possible crash when scrolling left/right or toggling -S Fixed bug when using stop in a lesskey file Fixed bug when using --shift or --match-shift on command line with a...
CVE-2024-45765
Dell Enterprise SONiC OS, versions 4.1.x, 4.2.x, contains an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. This is a...
Security Bulletin: IBM OpenPages is affected by multiple security vulnerabilities of DB2 Database Server (June 2024)
Summary IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about security vulnerabilities affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...
Atlassian Jira Service Management Data Center and Server < 5.4.21 / 5.12.x < 5.12.8 / 5.15.x < 5.16.0 (JSDSERVER-15309)
The version of Atlassian Jira Service Management Data Center and Server (Jira Service Desk) running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-15309 advisory. - This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, an...
Security Bulletin: IBM MQ Appliance is affected by multiple vulnerabilities in the IBM Runtime Environment, Java Technology Edition (CVE-2024-20952 and CVE-2023-33850)
Summary Multiple issues were identified with IBM Runtime Environment, Java Technology Edition, Version 8 which is shipped in IBM MQ Appliance. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote...
Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to a denial of service and integrity impact due to multiple vulnerabilities.
Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to a remote attacker causing a denial of service (CVE-2023-22081 and CVE-2023-5676) and an integrity impact (CVE-2023-22067) as described in the vulnerability details section. This bulletin...
CVE-2023-32485
CVE-2023-32485 affects Dell SmartFabric Storage Software, specifically versions 1.3 and lower. The root cause is improper input validation in the software, enabling a remote unauthenticated attacker to escalate privileges to the highest administrative level. The vulnerability is characterized as ...
Security Bulletin: IBM Jazz Reporting Service is vulnerable to XML external entity (XXE) attacks due to a vulnerability in XML processing in Apache Jena, in versions up to 4.1.0 (CVE-2021-39239)
Summary IBM Jazz Reporting Service is vulnerable to CVE-2021-39239 due to a vulnerability in XML processing in Apache Jena, in versions up to 4.1.0. Apache Jena is used by IBM Jazz Reporting Service for working with RDF models. The fix disables external entity processing in calls made to the...
Security Bulletin: IBM Event Streams is affected by multiple vulnerabilities in Golang Go
Summary Vulnerabilities in golang before 1.19.10 affect the golang component that is used by IBM Event Streams (CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405). These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-29403 DESCRIPTION: Golang Go could allow a...
Security Bulletin: CVE-2022-37734 may affect IBM CICS TX Advanced
Summary WebSphere Application Server Liberty is vulnerable to denial of service due to GraphQL Java. This affects IBM WebSphere Liberty used by IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-37734 DESCRIPTION: GraphQL Java is...
Security Bulletin: IBM CICS TX Standard is vulnerable to arbitrary code execution due to IBM WebSphere Application Server Liberty (CVE-2021-23450)
Summary WebSphere Application Server Liberty is used by IBM CICS TX Standard to provide a web based administration console. The fix removes the arbitrary code execution vulnerability (CVE-2021-23450) from Liberty. Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: Dojo could allow a remote...
Security Bulletin: IBM CICS TX Standard is vulnerable to cross-site scripting (CVE-2022-34166)
Summary IBM CICS TX Standard could allow users to embed arbitrary JavaScript code which may allow trusted credentials disclosure. The fix removes this vulnerability (CVE-2022-34166) from IBM CICS TX Standard. Vulnerability Details CVEID:CVE-2022-34166 DESCRIPTION: IBM CICS TX is vulnerable to...
openSUSE: Security Advisory for rust, (openSUSE-SU-2022:0843-1)
The remote host is missing an update for the...
OPENSUSE-SU-2022:0843-1 Security update for rust, rust1.58, rust1.59
This update for rust, rust1.58, rust1.59 fixes the following issues: This update provides both rust1.58 and rust1.59. Changes in rust1.58: - Add recommends for GCC for installs to be able to link. - Add suggests for lld/clang which are faster than gcc for linking to allow users choice on what the...
Security Bulletin: Vulnerability in Linux Kernel affects ProtecTIER: Dirty COW vulnerability (CVE-2016-5195)
Summary A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An attacker could exploit this vulnerability to gain write access to read-only memory mappings and elevated privileges on the system...
bent (>=0.0.9 <=0.0.80), tensorflow-recommenders-addons-gpu (>=0.3.0 <=0.4.1) potentially affected by CVE-2021-41203 via tensorflow-gpu (=2.5.1)
tensorflow-gpu PYPI version =2.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - bent (>=0.0.9 <=0.0.80), tensorflow-recommenders-addons-gpu (>=0.3.0 <=0.4.1) Source cves: CVE-2021-41203 Source advisory: OSV:GHSA-7PXJ-M4JF-R6H2...
bent (>=0.0.9 <=0.0.80), tensorflow-recommenders-addons-gpu (>=0.3.0 <=0.4.1) potentially affected by CVE-2021-41207 via tensorflow-gpu (=2.5.1)
tensorflow-gpu PYPI version =2.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - bent (>=0.0.9 <=0.0.80), tensorflow-recommenders-addons-gpu (>=0.3.0 <=0.4.1) Source cves: CVE-2021-41207 Source advisory: OSV:GHSA-7V94-64HJ-M82H...
bent (>=0.0.9 <=0.0.80), tensorflow-recommenders-addons-gpu (>=0.3.0 <=0.4.1) potentially affected by CVE-2021-41213 via tensorflow-gpu (=2.5.1)
tensorflow-gpu PYPI version =2.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - bent (>=0.0.9 <=0.0.80), tensorflow-recommenders-addons-gpu (>=0.3.0 <=0.4.1) Source cves: CVE-2021-41213 Source advisory: OSV:GHSA-H67M-XG8F-FXCF...