OPENSUSE-SU-2025:15463-1 docker-machine-driver-kvm2-1.36.0-2.1 on GA media

These are all security issues fixed in the docker-machine-driver-kvm2-1.36.0-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15455-1 libecpg6-17.6-1.1 on GA media

These are all security issues fixed in the libecpg6-17.6-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15448-1 lighttpd-1.4.80-1.1 on GA media

These are all security issues fixed in the lighttpd-1.4.80-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15443-1 chromedriver-139.0.7258.127-1.1 on GA media

These are all security issues fixed in the chromedriver-139.0.7258.127-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-1477

An issue has been discovered in GitLab CE/EE affecting all versions from 8.14 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an unauthenticated user to create a denial of service condition by sending specially crafted payloads to specific integration API endpoin...

CVE-2025-54368

CVE-2025-54368 affects uv (Python package/project manager) up to v0.8.5, where remote ZIPs are parsed streaming-wise and archive entries aren’t reconciled with the central directory. An attacker could craft a ZIP that yields legitimate contents for some installers but malicious contents for other...

OPENSUSE-SU-2025:15421-1 chromedriver-139.0.7258.66-1.1 on GA media

These are all security issues fixed in the chromedriver-139.0.7258.66-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15425-1 himmelblau-1.2.0+git.0.6befefc-1.1 on GA media

These are all security issues fixed in the himmelblau-1.2.0+git.0.6befefc-1.1 package on the GA media of openSUSE Tumbleweed...

China Accuses Nvidia of Putting Backdoors into Their Chips

The government of China has accused Nvidia of inserting a backdoor into their H20 chips: China's cyber regulator on Thursday said it had held a meeting with Nvidia over what it called "serious security issues" with the company's artificial intelligence chips. It said US AI experts had "revealed...

Linux Distros Unpatched Vulnerability : CVE-2022-22745

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 9...

CVE-2025-54785

CVE-2025-54785 affects SuiteCRM versions 7.14.6 and 8.8.0. The issue arises from unvalidated user input passed to unserialize(), enabling potential penetration, privilege escalation, sensitive data exposure, Denial of Service, cryptomining and ransomware. Remediation: upgrade to 7.14.7 or 8.8.1. ...

GLSA-202508-02 : GPL Ghostscript: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202508-02 GPL Ghostscript: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description...

Tenable Identity Exposure < 3.77.13(LTS) / 3.93.2 Vulnerable Nodejs (TNS-2025-16)

The version of Tenable Identity Exposure formerly Tenable.ad installed on the remote host is prior to 3.77.13LTS or 3.93.2. It therefore contains a version of Nodejs that could be vulnerable. Tenable has upgrade these components to address the potential impact of the issues. Note that Nessus has...

SUSE SLES15 Security Update : kernel (Live Patch 4 for SLE 15 SP6) (SUSE-SU-2025:02688-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02688-1 advisory. This update for the Linux Kernel 6.4.0-1506002322 fixes several issues. The following security issues were fixed: - CVE-2024-56664: bpf,...

Linux Distros Unpatched Vulnerability : CVE-2022-48967

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFC: nci: Bounds check struct nfctarget arrays While running under CONFIGFORTIFYSOURCE=y, syzkaller reported: memcpy: detected field-spanning write size 129 of...

SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP6) (SUSE-SU-2025:02691-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02691-1 advisory. This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: - CVE-2024-56664: bpf,...

Ubuntu: Security Advisory (USN-7685-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:02680-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2022-31090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Guzzle, an extensible PHP HTTP client. Authorization headers on requests are sensitive information. In affected versions when using our Curl handler, it is...

Linux Distros Unpatched Vulnerability : CVE-2025-38084

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/hugetlb: unshare page tables during VMA split, not before Currently, splitvma triggers hugetlb page table unsharing through vmops-maysplit. This happens...