[SECURITY] [DSA 6322-1] frr security update
Debian Security Advisory DSA-6322-1 [email protected] https://www.debian.org/security/ Aron Xu June 05, 2026 https://www.debian.org/security/faq ...
CVE-2025-38669
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-shmem: Use dmabuf from GEM object instance" This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11. The dmabuf field in struct drm_gem_object is not stable over the object instance's lifetime. The field become...
Fedora: Security Advisory (FEDORA-2025-8a2d82f65a)
The remote host is missing an update for the...
CVE-2021-43792
Discourse is an open source discussion platform. In affected versions a vulnerability affects users of tag groups who use the "Tags are visible only to the following groups" feature. A tag group may only allow a certain group (e.g. staff) to view certain tags. Users who were tracking or watching th...
CVE-2025-32376
CVE-2025-32376 affects Discourse, where the DM limit enforcement could be bypassed. Affected versions are Discourse stable < 3.4.3 and beta
Important: Red Hat Security Advisory: Red Hat Ceph Storage 8.0 security, bug fix, and enhancement updates
An update is now available for Red Hat Ceph Storage 8.0. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. These new packages...
PT-2024-41125 · Git · V8
Outdated dependency on V8 found (see policy). Please update to the latest beta, stable, or extended stable versions...
SUSE-SU-2024:2574-1 Security update for nodejs20
This update for nodejs20 fixes the following issues: Update to 20.15.1: - CVE-2024-36138: Fixed CVE-2024-27980 fix bypass (bsc#1227560) - CVE-2024-22020: Fixed a bypass of network import restriction via data URL (bsc#1227554) - CVE-2024-22018: Fixed fs.lstat bypasses permission model (bsc#1227562) -...
Mageia: Security Advisory (MGASA-2024-0193)
The remote host is missing an update for the...
CVE-2024-27006 thermal/debugfs: Add missing count increment to thermal_debug_tz_trip_up()
In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Add missing count increment to thermal_debug_tz_trip_up() The count field in struct trip_stats, representing the number of times the zone temperature was above the trip point, needs to be incremented in...
Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094 XZ-Utils Vulnerability Checker and Fixer Th...
BIT-DISCOURSE-2021-39161 Cross-site scripting via category name in Discourse
Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scripting (XSS) attacks. This is mitigated by Discourse's default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed...
BIT-DISCOURSE-2023-30538 Stored Cross-site Scripting via improper sanitization of svg files in Discourse
Discourse is an open source platform for community discussion. Due to the improper sanitization of SVG files, an attacker can execute arbitrary JavaScript on the users’ browsers by uploading a crafted SVG file. This issue is patched in the latest stable and tests-passed versions of Discourse. Use...
CVE-2023-23623
Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. A Content-Security-Policy that disables eval, specifically setting a script-src directive and not providing unsafe-eval in that directive, is not respected in renderers that have sandb...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 6.1 security and bug fix update
New packages for Red Hat Ceph Storage 6.1 are now available on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
PT-2022-20594 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse (affected versions not specified). Description: Discourse is an open source discussion platform. In affected versions, an email activation route can be abused to send mass spam emails. A fix has been included in the latest stable, beta...
Security update for apache2 (important)
openSUSE Security Update: Security update for apache2 Announcement ID: openSUSE-SU-2022:0091-1 Rating: important References: 1193942 1193943 1197552 SLE-22733 SLE-22849 Cross-References: CVE-2021-44224 CVE-2021-44790 CVE-2022-1096 CVSS scores: CVE-2021-44224 NVD : 8.2...
CVE-2022-21642
Discourse is an open source platform for community discussion. In affected versions when composing a message from topic the composer user suggestions reveals whisper participants. The issue has been patched in stable version 2.7.13 and beta version 2.8.0.beta11. There is no workaround for this...
Design/Logic Flaw
Discourse is an open source platform for community discussion. In affected versions when composing a message from topic the composer user suggestions reveals whisper participants. The issue has been patched in stable version 2.7.13 and beta version 2.8.0.beta11. There is no workaround for this...
CVE-2022-21642 Exposure of whisper participants in discourse
Discourse is an open source platform for community discussion. In affected versions when composing a message from topic the composer user suggestions reveals whisper participants. The issue has been patched in stable version 2.7.13 and beta version 2.8.0.beta11. There is no workaround for this...