SUSE CVE-2026-46000

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decrypt bits of it in place - however, the skbuff may be shared with a packet sniffer, which would lead to...

cockpit security update

310.8-1.0.1 - Fixed cockpitwst selinux issue for tmpfs Orabug: 36013589 - Move update-motd out of cockpitwst context Orabug: 36013589 - Update documentation links Orabug: 34706402 - Drop subscription-manager-cockpit requirement for ol Orabug: 34681110 - Remove duplicate reference to server in...

CVE-2026-46000

A flaw was found in the Linux kernel's rxrpc component. Security operations that decrypt RESPONSE packets in place may share the socket buffer skbuff with a packet sniffer. This could allow a local attacker or an attacker with network access to intercept and view decrypted portions of these...

CVE-2026-8673

Unprotected transport of credentials vulnerability in syslink software AG Avantra on Linux, Windows allows Sniffing Attacks. This issue affects Avantra: before 25.3.0...

EUVD-2026-31436

Unprotected transport of credentials vulnerability in syslink software AG Avantra on Linux, Windows allows Sniffing Attacks. This issue affects Avantra: before 25.3.0...

CVE-2026-8673

CVE-2026-8673 describes an unprotected transport of credentials in Avantra from syslink software AG on Linux and Windows, allowing sniffing of credentials. The affected line is Avantra before version 25.3.0. Documented impacts emphasize confidentiality and integrity risks, with CVSS v3.1 indicati...

CVE-2026-8673 Password re-initialization mechanism sends passwords in plain text

Unprotected transport of credentials vulnerability in syslink software AG Avantra on Linux, Windows allows Sniffing Attacks. This issue affects Avantra: before 25.3.0...

CVE-2026-8673

Unprotected transport of credentials vulnerability in syslink software AG Avantra on Linux, Windows allows Sniffing Attacks. This issue affects Avantra: before 25.3.0...

CVE-2026-8673 Password re-initialization mechanism sends passwords in plain text

Unprotected transport of credentials vulnerability in syslink software AG Avantra on Linux, Windows allows Sniffing Attacks. This issue affects Avantra: before 25.3.0...

PT-2026-42764

Name of the Vulnerable Software and Affected Versions Avantra versions prior to 25.3.0 Description An unprotected transport of credentials issue in syslink software AG Avantra on Linux and Windows enables sniffing attacks, where an attacker can intercept sensitive authentication data during...

Avantra 安全漏洞

Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from unprotected credential transmission, which could lead to sniffing attacks...

CVE-2025-31985

HCL BigFix Service Management SM is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly...

CVE-2025-31985 HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header

HCL BigFix Service Management SM is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly...

CVE-2025-31985

HCL BigFix Service Management SM is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly...

CVE-2025-31985

CVE-2025-31985 affects HCL BigFix Service Management (SM). The issue is a security misconfiguration caused by a missing or insecure X-Content-Type-Options header, which could allow browsers to perform MIME-type sniffing and potentially cause malicious content to be interpreted and executed incorr...

EUVD-2025-209904

HCL BigFix Service Management SM is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly...

CVE-2025-31985 HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header

HCL BigFix Service Management SM is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly...

PT-2026-42145

HCL BigFix Service Management SM is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly...

HCL BigFix Service Management 安全漏洞

HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. There is a security vulnerability in HCL BigFix Service Management. This vulnerability stems from incorrect security configurations. The absence or insecure use of the...

Security Headers Omission in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian Jira Service Management dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Security Headers Omission vulnerability was introduced in versions 10.3.0 and 11.3.0 of Jira Service...