Ubuntu: Security Advisory (USN-7611-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS : Linux kernel (HWE) vulnerabilities (USN-7653-1)

"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7653-1 advisory. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcall...

Ubuntu Pro 24.04 LTS Realtime Kernel : Linux kernel (Real-time) vulnerabilities (USN-7652-1)

The remote Ubuntu Pro 24.04 LTS Realtime Kernel host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7652-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This upda...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7654-1)

"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7654-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

ImageMagick-7.1.2.0-1.1 on GA media (moderate)

ImageMagick-7.1.2.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15349-1 Rating: moderate Cross-References: CVE-2025-53014 CVE-2025-53015 CVE-2025-53019 CVE-2025-53101 CVSS scores: CVE-2025-53014 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L CVE-2025-53014 SUSE : 6.3...

USN-7653-1 linux-hwe-6.8 vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

USN-7609-5: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Netfilter; - Network traffic control; CVE-2025-38001, CVE-2025-37798, CVE-2025-37932,...

AIX is vulnerable to arbitrary code execution (CVE-2025-3277 CVE-2025-29087) and denial of service (CVE-2025-29088) due to RPM

IBM SECURITY ADVISORY First Issued: Thu Jul 17 09:32:10 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/rpmadvisory3.asc Security Bulletin: AIX is vulnerable to arbitrary code execution CVE-2025-3277, CVE-2025-29087 and denial ...

OPENSUSE-SU-2025:15353-1 rustup-1.28.2~0-1.1 on GA media

These are all security issues fixed in the rustup-1.28.20-1.1 package on the GA media of openSUSE Tumbleweed...

openSUSE Security Advisory (SUSE-SU-2025:02316-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7651-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7651-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

CVE-2025-52690

creationtimestamp| type| source ---|---|--- 2025-07-16 12:58:24+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114863027202378870...

Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild

Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wild. The high-severity vulnerability in question is CVE-2025-6558 CVSS score: 8.8, which has been described as an incorrect validation of untrusted input in...

BIT-PHP-2025-1220 Null byte termination in hostnames

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. before 8.4.10 some functions like fsockopen lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parseurl treat the hostname in different way, thus openin...

GHSA-FP5R-V3W9-4333

creationtimestamp| type| source ---|---|--- 2025-07-16 03:14:06+00:00| seen| https://gist.github.com/safer-bot/f2a796b1c3ade94b037bb1ddfcabe9b1 2025-07-16 03:36:23+00:00| seen| https://gist.github.com/safer-bot/72f995b8cd1384d5441af0330c518fe4 2025-07-16 03:56:27+00:00| seen|...

Google Chrome Security Update (stable-channel-update-for-desktop_15-2025-07) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Microsoft Edge (Chromium) < 138.0.3351.95 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 138.0.3351.95. It is, therefore, affected by multiple vulnerabilities as referenced in the July 16, 2025 advisory. - Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to...

Oracle Java SE Multiple Vulnerabilities (Jul 2025) - Linux

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-53023

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.0-8.0.42. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...

CVE-2025-50104

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...