SUSE SLED15 / SLES15 Security Update : go1.25-openssl (SUSE-SU-2026:2079-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2079-1 advisory. This update for go1.25-openssl fixes the following issues Security issues: - CVE-2026-33811: net: crash when...

OpenTofu: Excessive resource usage in "tofu init" when installing dependencies from attacker-controlled server

Impact Unauthenticated denial of service. Summary When installing provider or module packages from attacker-controlled servers, the server may cause tofu initto enter an infinite loop sending garbage data to that server. Those who depend on modules or providers served from untrusted third-party...

CVE-2022-42975

socket/transport.ex in Phoenix before 1.6.14 mishandles checkorigin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token...

EUVD-2019-6815

Malware in sbrugna...

EUVD-2017-7915

Malware in sbrugna...

EUVD-2023-24061

Malicious code in bioql PyPI...

CVE-2025-52288

Assertion failure in function ngapbuilddownlinknastransport in file src/amf/ngap-build.c, the Access and Mobility Management Function AMF component, in Open5GS thru 2.7.5 allowing attackers to cause a denial of service or other unspecified impacts via repeated UE connect and disconnect message...

Open5GS has an unspecified vulnerability (CNVD-2025-18568)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited by an attacker to cause reachable assertions via the function ngapbuilddownlinknastransport in the...

Hotfix update for Exchange Server 2019 CU14: April 18, 2025 (KB5050673)

Hotfix update for Exchange Server 2019 CU14: April 18, 2025 KB5050673 Hotfix update for Microsoft Exchange Server 2019 CU14 was released on April 18, 2025. It includes fixes for non-security issues and introduces new features. These fixes and features will also be included in later cumulative...

Hotfix update for Exchange Server 2019 CU14 HU5: May 29, 2025 (KB5057652)

Hotfix update for Exchange Server 2019 CU14 HU5: May 29, 2025 KB5057652 Hotfix update for Microsoft Exchange Server 2019 CU14 HU5 was released on May 29, 2025. It includes fixes for nonsecurity issues and introduces new features. These fixes and features will also be included in later cumulative...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21669)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21669 advisory. - In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the...

CVE-2025-21669 vsock/virtio: discard packets if the transport changes

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the transport changes If the socket has been de-assigned or assigned to another transport, we must discard any packets received because they are not expected and would cause issues when we access...

CVE-2024-57804 scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs The driver, through the SAS transport, exposes a sysfs interface to enable/disable PHYs in a controller/expander setup. When multiple PHYs are disabled and...

CVE-2025-0237

The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Thunderbird...

CVE-2021-46999 sctp: do asoc update earlier in sctp_sf_do_dupcook_a

In the Linux kernel, the following vulnerability has been resolved: sctp: do asoc update earlier in sctpsfdodupcooka There's a panic that occurs in a few of envs, the call trace is as below: general protection fault, ... 0x29acd70f1000a: 0000 1 SMP PTI RIP:...

CVE-2021-46999

In the Linux kernel, the following vulnerability has been resolved: sctp: do asoc update earlier in sctpsfdodupcooka There's a panic that occurs in a few of envs, the call trace is as below: general protection fault, ... 0x29acd70f1000a: 0000 1 SMP PTI RIP:...

Medium: postgresql15

Issue Overview: In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...

CURL-CVE-2014-8151 Secure Transport certificate check bypass

libcurl stores TLS Session IDs in its associated Session ID cache when it connects to TLS servers. In subsequent connects it reuses the entry in the cache to resume the TLS connection faster than when doing a full TLS handshake. The actual implementation for the Session ID caching varies dependin...

CVE-2002-0302

The Notify daemon for Symantec Enterprise Firewall SEF 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack...