
30368 matches found

Tenable Nessus
added 2025/10/27 12:0 a.m. | 3 views

SUSE SLES15 Security Update : kernel (Live Patch 9 for SLE 15 SP6) (SUSE-SU-2025:3768-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3768-1 advisory. This update for the Linux Kernel 6.4.0-1506002342 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter:...

CVSS 7.8 | AI score 7.2 | EPSS 0.00528
Exploits 1 | References 28

OSV
added 2025/10/24 2:33 p.m. | 4 views

OESA-2025-2530 netty security update

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. ...

CVSS 6.9 | AI score 8 | EPSS 0.01617
Exploits 0 | References 2

OSV
added 2025/10/24 2:33 p.m. | 3 views

OESA-2025-2528 netty security update

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. ...

CVSS 6.9 | AI score 8 | EPSS 0.01617
Exploits 0 | References 2

SUSE Linux
added 2025/10/24 12:38 p.m. | 3 views

Security update for podman

This update for podman fixes the following issues: CVE-2025-9566: Fixed kube play command overwriting host files (bsc#1249154). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command...

CVSS 8.1 | AI score 7.1 | EPSS 0.01008
Exploits 0 | References 4

RedhatCVE
added 2025/10/23 9:9 p.m. | 9 views

CVE-2025-62614

BookLore is a self-hosted web app for organizing and managing personal book collections. In versions 1.8.1 and prior, an authentication bypass vulnerability in the BookMediaController allows any unauthenticated user to access and download book covers, thumbnails, and complete PDF/CBX page content...

CVSS 8.7 | AI score 7.1 | EPSS 0.00528
Exploits 0 | References 1

OSV
added 2025/10/23 8:31 p.m. | 4 views

GHSA-XCG2-9PP4-J82X rollbar vulnerable to Prototype Pollution in merge()

Impact Prototype pollution vulnerability in merge. If application code calls rollbar.configure with untrusted input, prototype pollution is possible. Patches Fixed in 2.26.5 and 3.0.0-beta5. Workarounds Ensure that values passed to rollbar.configure do not contain untrusted input. References Fixe...

CVSS 5.9 | AI score 5.9 | EPSS 0.00358
Exploits 0 | References 7

EUVD
added 2025/10/23 12:31 p.m. | 3 views

EUVD-2022-54627

In the Linux kernel, the following vulnerability has been resolved: igc: Reinstate IGC_REMOVED logic and implement it properly The initially merged version of the igc driver code via commit 146740f9abc4, "igc: Add support for PF" contained the following IGC_REMOVED checks in the igc_rd32/wr32 MMIO...

CVSS 5.5 | AI score 5.3 | EPSS 0.0024
Exploits 0 | References 6

Tenable Nessus
added 2025/10/23 12:0 a.m. | 1 view

Photon OS 5.0: Openssl PHSA-2025-5.0-0648

An update of the openssl package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0648. The text itself is copyright (C) VMware, Inc. ...

CVSS 7.5 | AI score 6.1 | EPSS 0.02046
Exploits 0 | References 3

OSV
added 2025/10/22 10:19 p.m. | 28 views

CVE-2025-62710 Sakai kernel-impl: predictable PRNG used to generate server‑side encryption key in EncryptionUtilityServiceImpl

Sakai is a Collaboration and Learning Environment. Prior to versions 23.5 and 25.0, EncryptionUtilityServiceImpl initialized an AES256TextEncryptor password serverSecretKey using RandomStringUtils with the default java.util.Random. java.util.Random is a non‑cryptographic PRNG and can be predicted...

CVSS 5.9 | AI score 6.7 | EPSS 0.00182
Exploits 0 | References 4

OSV
added 2025/10/22 8:15 p.m. | 3 views

UBUNTU-CVE-2025-62611

aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...

CVSS 8.2 | AI score 5.9 | EPSS 0.00354
Exploits 0 | References 5

OSV
added 2025/10/22 7:37 p.m. | 2 views

GHSA-GHFH-FMX4-26H8 OpenBao leaks HTTPRawBody in Audit Logs

Impact: OpenBao's audit log experienced a regression wherein raw HTTP bodies used by few endpoints were not correctly redacted (HMAC'd). This impacted the following subsystems: - When using the ACME functionality of PKI, this would result in short-lived ACME verification challenge codes being leaked...

CVSS 5.7 | AI score 6.8 | EPSS 0.00286
Exploits 0 | References 4

CVE
added 2025/10/22 7:24 p.m. | 18 views

CVE-2025-62610

Hono's JWT Auth Middleware (versions 1.1.0 up to before 4.10.2) did not validate the aud (Audience) claim, potentially allowing tokens intended for other audiences to access a service. The issue is documented across multiple sources and is resolved by upgrading to version 4.10.2 or later. Affecte...

CVSS 8.1 | AI score 6.3 | EPSS 0.0035
Exploits 1 | References 2 | Affected Software 1

EUVD
added 2025/10/22 3:11 p.m. | 2 views

EUVD-2025-35589

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to version 2.5.12, an authenticated SQL injection vulnerability in the bookmark reordering feature allows any logged-in user to execute arbitrary SQL commands. This can lead to a...

CVSS 8.8 | AI score 7.7 | EPSS 0.00294
Exploits 0 | References 2

CVE
added 2025/10/22 3:3 p.m. | 6 views

CVE-2025-62604

MeterSphere (open source continuous testing platform) contains a logic flaw prior to version 2.10.25-lts that allows retrieval of arbitrary user information. The underlying issue enables an unauthenticated attacker to log in as any user. A fix has been applied in version 2.10.25-lts. Practical im...

CVSS 7.5 | AI score 6.7 | EPSS 0.00387
Exploits 1 | References 3 | Affected Software 1

OPENSUSE Linux
added 2025/10/22 12:0 a.m. | 5 views

sccache-0.12.0~1-1.1 on GA media (moderate)

sccache-0.12.0~1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15656-1 Rating: moderate Cross-References: CVE-2024-12224 CVSS scores: CVE-2024-12224 SUSE : 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2024-12224 SUSE : 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N...

CVSS 4.2 | AI score 7.2 | EPSS 0.00181
Exploits 1

EUVD
added 2025/10/21 12:31 p.m. | 2 views

EUVD-2022-54827

In the Linux kernel, the following vulnerability has been resolved: ftrace: Clean up hash direct_functions on register failures We see the following GPF when register_ftrace_direct fails: general protection fault, probably for non-canonical address \ 0x200000000000010: 0000 1 PREEMPT SMP...

CVSS 5.5 | AI score 4.9 | EPSS 0.00266
Exploits 0 | References 6

EUVD
added 2025/10/21 12:31 p.m. | 4 views

EUVD-2022-54895

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS paring using devcom is possible only on devices that support LAG. Filter based on lag capabilities. This fixes an issue where mlx5_get_next_phys_dev was called without holding th...

CVSS 5.5 | AI score 4.8 | EPSS 0.00239
Exploits 0 | References 4

Github Security Blog
added 2025/10/20 3:33 p.m. | 10 views

rollbar vulnerable to prototype pollution

Impact Prototype pollution potential with the utility function rollbar/src/utility.set. No impact when using the published public interface. If application code directly imports set from rollbar/src/utility and then calls set with untrusted input in the second argument, it is vulnerable to...

CVSS 7.5 | AI score 7.2 | EPSS 0.00365
Exploits 0 | References 7 | Affected Software 1

SUSE Linux
added 2025/10/17 1:14 p.m. | 3 views

Security update for pam

This update for pam fixes the following issues: Improve previous CVE-2024-10041 fix which led to CPU performance issues (bsc#1232234). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the...

CVSS 5.7 | AI score 7 | EPSS 0.00265
Exploits 0 | References 6

OSV
added 2025/10/17 12:3 p.m. | 2 views

SUSE-SU-2025:20866-1 Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: Update to open-vm-tools 13.0.5 based on build 24915695 (bsc#1250692). Please refer to the Release Notes at: https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/ReleaseNotes.md. The granular changes that have gone into the open-vm-tool...

CVSS 7.8 | AI score 6.8 | EPSS 0.07606
Exploits 3 | References 4