164 matches found

AlmaLinux
added 2025/06/30 12:0 a.m. · 3 views

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Squashfs: fix handling and sanity checking of xattrids count CVE-2023-52933 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

CVSS 5.5 · AI score 6.7 · EPSS 0.00009
Exploits: 0 · References: 4

RedHat Linux
added 2025/06/09 2:48 p.m. · 8 views

Moderate: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 7.8 · AI score 7 · EPSS 0.00043
Exploits: 1 · References: 2

RedhatCVE
added 2025/05/23 9:47 a.m. · 3 views

CVE-2024-34687

SAP NetWeaver Application Server for ABAP and ABAP Platform do not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An attacker can control code that is executed within a user’s browser, which could result in modification, deletion of data, includin...

CVSS 6.5 · AI score 6.4 · EPSS 0.0013
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 9:10 p.m. · 3 views

CVE-2021-27613

Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an attacker to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restricted, which could lead to...

CVSS 7.8 · AI score 6.5 · EPSS 0.00041
Exploits: 0 · References: 1

RedHat Linux
added 2025/05/13 2:12 p.m. · 15 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.8 · AI score 6.8 · EPSS 0.00025
Exploits: 0 · References: 7

Positive Technologies
added 2025/05/13 12:0 a.m. · 1 views

PT-2025-20998

Name of the Vulnerable Software and Affected Versions: Windows Win32K versions prior to the fixed version Description: The issue is a heap-based buffer overflow in Windows Win32K - GRFX, allowing an unauthorized attacker to execute code locally. This enables an attacker to gain SYSTEM-level acces...

CVSS 7.8 · AI score 10 · EPSS 0.00788
Exploits: 0 · References: 14

Packet Storm News
added 2025/05/13 12:0 a.m. · 3 views

Area Comparison of CHERIoT and PMP in Ibex

Memory safety is a critical concern for modern embedded systems, particularly in security-sensitive applications. This paper explores the area impact of adding memory safety extensions to the Ibex RISC-V core, focusing on physical memory protection PMP and Capability Hardware Extension to RISC-V...

AI score 6.9
Exploits: 0

Positive Technologies
added 2025/05/13 12:0 a.m. · 1 views

PT-2025-20954 · Microsoft · Windows File Server +1

Name of the Vulnerable Software and Affected Versions: Windows File Server affected versions not specified Description: The issue is an out-of-bounds read that allows an unauthorized attacker to disclose information locally. This could potentially allow attackers to obtain sensitive information a...

CVSS 4 · AI score 8.7 · EPSS 0.00756
Exploits: 0 · References: 8

Positive Technologies
added 2025/05/13 12:0 a.m. · 1 views

PT-2025-20937 · Microsoft · Windows Kernel +1

Name of the Vulnerable Software and Affected Versions: Windows Kernel affected versions not specified Description: A heap-based buffer overflow issue in the Windows Kernel allows an authorized attacker to elevate privileges locally. This elevation-of-privilege issue can affect the system...

CVSS 7.8 · AI score 9 · EPSS 0.00693
Exploits: 0 · References: 8

CVE
added 2025/04/15 8:31 p.m. · 99 views

CVE-2025-30693

CVE-2025-30693 affects Oracle MySQL Server (InnoDB) with vulnerable versions: 8.0.0–8.0.41, 8.4.0–8.4.4, and 9.0.0–9.2.0. The issue allows a high-privilege attacker with network access over multiple protocols to cause a hang or a complete DoS (frequently-repeating crash) and may enable unauthoriz...

CVSS 5.5 · AI score 5 · EPSS 0.00481
Exploits: 0 · References: 3 · Affected Software: 1

Vulnrichment
added 2025/04/12 11:41 p.m. · 6 views

CVE-2025-2814 Crypt::CBC versions between 1.21 and 3.05 for Perl may use insecure rand() function for cryptographic functions

Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom" is unavailable. In that case, Crypt::CBC will fall back to...

AI score 4.3 · EPSS 0.00042
Exploits: 0 · References: 4

Positive Technologies
added 2025/03/11 12:0 a.m. · 1 views

PT-2025-10823

Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Description: A use after free condition exists in Microsoft Office, allowing an unauthorized attacker to execute code. The issue enables remote attackers to execute arbitrary code and affect the...

CVSS 7.8 · AI score 8.7 · EPSS 0.00209
Exploits: 0 · References: 11

Tenable Nessus
added 2025/03/05 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-43908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer dereference to rasmanager Check rasmanager before using it...

CVSS 5.5 · AI score 6.2 · EPSS 0.00036
Exploits: 0 · References: 3

Positive Technologies
added 2025/02/11 12:0 a.m. · 0 views

PT-2025-6312 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in access control within the Windows operating system kernel, allowing an attacker to bypass existing security restrictions. This could potentially enable an...

CVSS 7.8 · AI score 9.1 · EPSS 0.00124
Exploits: 0 · References: 6

NVD
added 2025/01/14 6:15 p.m. · 10 views

CVE-2025-21338

GDI+ Remote Code Execution Vulnerability...

CVSS 7.8 · EPSS 0.00532
Exploits: 0 · References: 1

Positive Technologies
added 2025/01/01 12:0 a.m. · 1 views

PT-2025-38318

Name of the Vulnerable Software and Affected Versions: Chromium versions prior to 140.0.7339.185 Microsoft Edge Chromium-based versions prior to 140.0.7339.185 Description: A heap buffer overflow exists in the ANGLE component of Google Chrome and Microsoft Edge. This issue could allow a remote...

CVSS 9.8 · AI score 10 · EPSS 0.01535
Exploits: 2 · References: 81

Circl
added 2024/12/17 6:41 a.m. · 2 views

CISCO-SA-20181003-IND

| creationtimestamp | type | source |
|---|---|---|
| 2024-12-17 06:41:30+00:00 | seen | https://social.circl.lu/users/vulnerabilitylookup/statuses/113666793167333937... |

AI score 7.2
Exploits: 0 · References: 1

OpenVAS
added 2024/12/17 12:0 a.m. · 5 views

SUSE: Security Advisory (SUSE-SU-2024:4324-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits: 0 · References: 4

Positive Technologies
added 2024/12/10 12:0 a.m. · 1 views

PT-2024-9430 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to a buffer overflow in memory, which can be exploited to elevate privileges. This can allow an attacker to affect the system. Recommendations: At the moment,...

CVSS 6.8 · AI score 7 · EPSS 0.00327
Exploits: 0 · References: 6

Zero Day Initiative
added 2024/11/21 12:0 a.m. · 12 views

7-Zip Qcow Handler Infinite Loop Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processin...

CVSS 6.5 · AI score 6.3 · EPSS 0.01796
Exploits: 0