41 matches found
openSUSE 16 Security Update : syft (openSUSE-SU-2026:20928-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2026:20928-1 advisory. Changes in syft: - Update to version 1.45.0: Added Features - Add support for ZapAddOns as jar files 4654 4932 @douglasclarke - MySQL binary classifier...
OPENSUSE-SU-2026:20928-1 Security update for syft
This update for syft fixes the following issues: Changes in syft: - Update to version 1.45.0: Added Features - Add support for ZapAddOns as jar files 4654 4932 @douglasclarke - MySQL binary classifier should distinguish between MySQL Cluster ndb and MySQL 3297 4907 @witchcraze - Catalog...
GHSA-72HV-8253-57QQ vulnerabilities
Vulnerabilities for packages: logstash, confluent-kafka, airflow, apache-tika, thingsboard, ruby3.4-jrjackson, management-api-for-apache-cassandra-5.0, trino, dependency-track, gradle, spark, kafka, apache-nifi, wildfly, neo4j, scala, gradle-stage0, jenkins-plugin-manager, tez, ruby3.3-jrjackson,...
GHSA-72HV-8253-57QQ vulnerabilities
Vulnerabilities for packages: cass-config-builder, s3proxy, tritonserver-backend-vllm-cuda-13.0, nuxeo, dependency-track, kafka, apache-tika-fips, nacos-docker, ruby4.0-jrjackson, dependency-track-apiserver, opensearch-fips, wso2is, druid, tez, spark, cass-config-builder-fips, confluent-kafka,...
Ubuntu: Security Advisory (USN-7654-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-48734 vulnerabilities
Vulnerabilities for packages: jenkins-plugin-manager, apache-nifi, kafka, hadoop-client-modules, cassandra-reaper, opensearch, wildfly, apicurio-registry, celeborn, apache-activemq-artemis, druid, neo4j, trino, confluent-common-docker, tez, jenkins, spdx-tools-java, strimzi-kafka-operator,...
php:8.2 security update
php 8.2.28-1 - rebase to 8.2.28 8.2.25-1 - rebase to 8.2.25 RHEL-65837 8.2.13-1 - rebase to 8.2.13 RHEL-14699 - add %phpize and %phpconfig macros - move httpd/nginx wants directives to config files in /etc - php-fpm.conf: move include directive after global section following upstream example,...
openSUSE Security Advisory (SUSE-SU-2024:2135-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:2802-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 37 : woff (2022-c30d362ce5)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-c30d362ce5 advisory. Fix a possible double free in woffEncode. - Update License to SPDX - improved summary and description - Add hand-written man pages - Install HTML format...
Fedora 37 : protobuf (2022-25f35ed634)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-25f35ed634 advisory. Selected notes from packaging changes and improvements: 3.19.6 fixes CVE-2022-3171 3.19.5 fixes CVE-2022-1941 License updated to SPDX Unnecessary...
Fedora 41 : krb5 (2024-bdc305fe55)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-bdc305fe55 advisory. Automatic update for krb5-1.21.3-1.fc41. Changelog Tue Jul 9 2024 Julien Rische - 1.21.3-1 - New upstream version 1.21.3 - CVE-2024-26458: Memory le...
libndp security update
1.8-6 - Validate route information option length 1.8-5 - Convert the license tag to SPDX format Related: RHELMISC-1363...
SUSE: Security Advisory (SUSE-SU-2023:4127-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for rust-askama (FEDORA-2023-e9243281cb)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 36 : woff (2022-706c76c4f0)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-706c76c4f0 advisory. Fix a possible double free in woffEncode. - Update License to SPDX - improved summary and description - Add hand-written man pages - Install HTML format...
SUSE: Security Advisory (SUSE-SU-2022:3783-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Bomber - Scans Software Bill Of Materials (SBOMs) For Security Vulnerabilities
bomber is an application that scans SBOMs for security vulnerabilities. Overview So you've asked a vendor for a Software Bill of Materials (SBOM) for one of their closed source products, and they provided one to you in a JSON file... now what? The first thing you're going to want to do is see if a...
CVE-2022-35929
cosign is a container signing and verification utility. In versions prior to 1.10.1 cosign can report a false positive if any attestation exists. cosign verify-attestation used with the --type flag will report a false positive verification when there is at least one attestation with a valid...
searchsbl.toolforge.org Cross Site Scripting vulnerability OBB-2816704
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...