SUSE CVE-2026-40934

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at /.local/share/jupyter/runtime/jupytercookiesecret and is never rotated when a user changes their password. After a password...

EUVD-2026-25430

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.sendio.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate empty send. In order to fix this we'll have a single...

SUSE-SU-2026:21057-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

CVE-2026-28432

CVE-2026-28432: Misskey HTTP signature verification bypass . Affects Misskey servers prior to 2026.3.1, allowing bypass of HTTP signature verification (federation-related vulnerability that affects all servers, regardless of federation enablement). Root cause: bypass of the HTTP signature check. ...

CVE-2025-46320

A cross-site scripting XSS vulnerability in a FileMaker WebDirect custom homepage could lead to unauthorized access and remote code execution. This vulnerability has been fully addressed in FileMaker Server 22.0.4 and FileMaker Server 21.1.7...

MiracleLinux 4 : kernel-2.6.32-642.3.1.el6 (AXSA:2016-612:06)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-612:06 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

MiracleLinux 3 : systemtap-1.6-7.AXS3 (AXSA:2012-344:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-344:01 advisory. SystemTap is an instrumentation system for systems running Linux 2.6. Developers can write instrumentation to collect data on the operation of the system...

CVE-2025-46295

Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators could trigger actions like executing commands or accessing external resources, an attacker could...

CVE-2025-46295

Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators could trigger actions like executing commands or accessing external resources, an attacker could...

PT-2025-51764

Name of the Vulnerable Software and Affected Versions Apache Commons Text versions prior to 1.10.0 FileMaker Server versions prior to 22.0.4 Description Apache Commons Text versions prior to 1.10.0 contain interpolation features that could be exploited when applications process untrusted input...

kernel security update

3.10.0-1160.119.1.0.14 - HID: core: fix shift-out-of-bounds in hidreportrawevent CVE-2022-48978 Orabug: 38644370 - crypto: seqiv - Handle EBUSY correctly CVE-2023-53373 Orabug: 38644370 - nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 Orabug: 38644370 - netsched: hfsc: Fix a...

CVE-2025-12952

CVE-2025-12952 describes a privilege-escalation in Google Cloud Dialogflow CX. Investigations across multiple sources indicate that agents with Webhook editor permission could misuse Dialogflow service agent access token authentication to escalate from agent-level to project-level, enabling acces...

EUVD-2021-15466

Malware in sbrugna...

EUVD-2020-30774

Malware in sbrugna...

CLSA-2025-1757501175 httpd: Fix of CVE-2025-49812

CVE-2025-49812: remove support for TLS upgrade to prevent HTTP desynchronisation attacks in modssl configurations...

July 8, 2025—KB5062572 (OS Build 20348.3932)

July 8, 2025—KB5062572 OS Build 20348.3932 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updated in...

July 8, 2025—KB5062570 (OS Build 25398.1732)

July 8, 2025—KB5062570 OS Build 25398.1732 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updated in...

SUSE CVE-2025-38561

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix PreauhHashValue race condition If client send multiple session setup requests to ksmbd, PreauhHashValue race condition could happen. There is no need to free sess-PreauhHashValue at session setup phase. It can be freed...

Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. CVE-2024-53173: NFSv4.0:...

Description of the security update for SharePoint Server 2019: June 10, 2025 (KB5002729)

Description of the security update for SharePoint Server 2019: June 10, 2025 KB5002729 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft Word remote code execution vulnerability. To learn more about the vulnerabilities, see the...