RHSA-2025:22982 Red Hat Security Advisory: python-kdcproxy security update

Bulletin has no description...

EUVD-2019-14838

Malware in sbrugna...

EUVD-2018-6807

Malware in sbrugna...

EUVD-2020-25516

Malware in sbrugna...

CVE-2025-29632

Buffer Overflow vulnerability in Free5gc v.4.0.0 allows a remote attacker to cause a denial of service via the AMF, NGAP, security.go, handlergenerated.go, handleInitialUEMessageMain, DecodePlainNasNoIntegrityCheck, GetSecurityHeaderType components...

CVE-2025-29632

CVE-2025-29632 affects free5GC v4.0.0, with a Buffer Overflow in the AMF path (NGAP, security.go, handler_generated.go, handleInitialUEMessageMain) caused by DecodePlainNasNoIntegrityCheck handling of an empty NAS payload. This can crash the AMF and cause DoS. Exploitation details are present in ...

CVE-2024-21725

Inadequate escaping of mail addresses lead to XSS vulnerabilities in various components...

CVE-2025-30706

...

CVE-2024-51744 vulnerabilities

Vulnerabilities for packages: trivy, git-sync, azcopy, crossplane-fips, falcoctl, kubernetes, azure-aad-pod-identity-mic, crossplane-provider-azure-authorization, cluster-autoscaler, boring-registry, mc, scorecard, kots, telegraf, crossplane-provider-azure-managedidentity, trivy-fips, ko-fips,...

CVE-2024-34158 vulnerabilities

Vulnerabilities for packages: fulcio-fips, nri-redis, php-fpmexporter, rabbitmq-default-user-credential-updater, vertical-pod-autoscaler-fips, gatekeeper-fips, opentelemetry-collector, newrelic-infrastructure-agent, yace, kubernetes-dashboard-metrics-scraper, up, kubernetes, tfsec, go-openssl,...

CVE-2024-34155 vulnerabilities

Vulnerabilities for packages: fulcio-fips, nri-redis, php-fpmexporter, rabbitmq-default-user-credential-updater, vertical-pod-autoscaler-fips, gatekeeper-fips, opentelemetry-collector, newrelic-infrastructure-agent, yace, kubernetes-dashboard-metrics-scraper, up, kubernetes, tfsec, go-openssl,...

CVE-2024-35255 vulnerabilities

Vulnerabilities for packages: fulcio-fips, trivy, spire-server-fips, opentelemetry-collector, prometheus, up, falcoctl, druid, cluster-autoscaler, restic-fips, boring-registry, terragrunt, hugo, step-ca, restic, sigstore-scaffolding, trivy-fips, k8sgpt, thanos, bank-vaults, policy-controller-fips...

The vulnerability of the IPSec components of Ivanti Connect Secure and Ivanti Policy Secure network access control tools allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of the IPSec components of Ivanti Connect Secure and Ivanti Policy Secure network access control tools is related to the possibility of buffer overflow attacks. Exploiting this vulnerability could allow a malicious actor to trigger service failures or execute arbitrary code by...

Security Bulletin: A vulnerability in IBM Java affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in IBM® Runtime Environment Java™ Technology Edition affects the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details CVEID:CVE-2022-21626 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allo...

Security Bulletin: Vulnerabilities in IBM Java SDK affects IBM SAN Volume Controller and Storwize Family (CVE-2015-2613 CVE-2015-2601 CVE-2015-2625 CVE-2015-1931)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM SAN Volume Controller and Storwize Family. These issues were disclosed as part of the IBM Java SDK updates in July 2015. Vulnerability Details CVEID: CVE-2015-2613 DESCRIPTION: An...

SUSE CVE-2015-5006

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache...

CVE-2015-1931

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by...

Design/Logic Flaw

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by...

Unable to delete expired certificate with no bindings

The following error is returned when trying to delete a certificate that has no bindings when clicking on "show bindings" "Certificate is referenced by a CRL, OCSP responder, vserver, service, monitor, SSL profile, CA Cert Group, another certificate, or a policy expression using XMLENCRYPT or...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM SPSS Statistics: CVE-2015-1932, CVE-2015-2601, CVE-2015-2613, CVE-2015-2625

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 1.6 and 1.7 that are used by IBM SPSS Statistics. These issues were disclosed as part of the IBM Java SDK updates in July 2015. Vulnerability Details CVEID: CVE-2015-2613 DESCRIPTION: An...