python311-Authlib-1.7.2-1.1 on GA media (moderate)

python311-Authlib-1.7.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10883-1 Rating: moderate Cross-References: CVE-2026-44681 CVSS scores: CVE-2026-44681 SUSE : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerability ca...

SUSE-SU-2026:1873-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-53.40 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

EUVD-2020-0550

Malware in sbrugna...

EUVD-2019-17900

Malware in sbrugna...

EUVD-2022-27795

Malicious code in bioql PyPI...

EUVD-2025-15732

Malicious code in bioql PyPI...

EUVD-2025-23084

Malicious code in bioql PyPI...

EUVD-2024-52639

Malicious code in bioql PyPI...

EUVD-2025-8976

Malicious code in bioql PyPI...

EUVD-2025-8940

Malicious code in bioql PyPI...

EUVD-2022-27819

Malicious code in bioql PyPI...

CVE-2025-53942

Summary of CVE-2025-53942 (authentik): Affected: authentik identity provider. Issue: deactivated users who registered via OAuth/SAML (or linked accounts) could remain partially active, enabling authorization of applications despite deactivation. Root cause: insufficient check for account active s...

[slackware-security] curl

New curl packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-8.14.1-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: WebSocket endless loop. For more information, see:...

CVE-2025-31189

A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to break out of its sandbox...

CVE-2024-44164

This issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to bypass Privacy preferences...

SUSE-SU-2025:01601-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: - CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678. - CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice...

CVE-2025-31195

The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.4. An app may be able to break out of its sandbox...

SUSE-SU-2025:1114-1 Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059174 fixes one issue. The following security issue was fixed: - CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023...

SUSE-SU-2025:0704-1 Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002325 fixes one issue. The following security issue was fixed: - CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat bsc1236783...

CVE-2024-51481

Nix is a package manager for Linux and other Unix systems. On macOS, built-in builders such as builtin:fetchurl, exposed to users with import were not executed in the macOS sandbox. Thus, these builders which are running under the nixbld users had read access to world-readable paths and write...