PT-2025-32264

Name of the Vulnerable Software and Affected Versions OpenVPN Access Server affected versions not specified Description The vulnerability allows an attacker to perform JavaScript injection via the SAML relaystate. This could potentially lead to Remote Code Execution RCE. Recommendations At the...

Security update 5.0.5 for Multi-Linux Manager Client Tools

This update fixes the following issues: salt: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability in...

USN-7225-1 HTMLDOC vulnerabilities

It was discovered that HTMLDOC incorrectly handled memory in the imagesetmask, gitreadlzw, writeheader and writenode functions, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected...

Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch Server

Description: This update fixes the following issues: proxy-httpd-image: Version 5.0.8 Store Proxy FQDN in rhn.conf for auth token use bsc1230255 proxy-salt-broker-image: Version 5.0.8 Update for next release proxy-squid-image: Version 5.0.8 Update for next release proxy-ssh-image: Version 5.0.8...

Maintenance update for SUSE Manager 4.3 Release Notes

Description: This update fixes the following issues: release-notes-susemanager-proxy: Update to SUSE Manager 4.3.14 Bugs mentioned: bsc1217003, bsc1221505, bsc1225619, bsc1225960, bsc1226917 bsc1227606, bsc1228036, bsc1228345, bsc1228851, bsc1229079 bsc1229260, bsc1229339 Security update for SUSE...

Vapor Security Breach

Vapor is vapor individual developers of a Swift web development framework. It can be used to develop high-performance web applications and supports iOS, OS X and Ubuntu. A security vulnerability exists in Vapor that stems from a denial of service DoS vulnerability due to a problem encountered...

USN-5889-1 zoneminder vulnerabilities

It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue was only fixed in Ubuntu 16.04 ESM. CVE-2019-6777 It was discovered that ZoneMinder was not properly...

Security update for salt (critical)

openSUSE Security Update: Security update for salt Announcement ID: openSUSE-SU-2021:2106-1 Rating: critical References: 1171257 1176293 1179831 1181368 1182281 1182293 1182382 1185092 1185281 1186674 ECO-3212 SLE-18028 SLE-18033 Cross-References: CVE-2018-15750 CVE-2018-15751 CVE-2020-11651...

CVE-2021-22221

An issue has been discovered in GitLab affecting all versions starting from 12.9.0 before 13.10.5, all versions starting from 13.11.0 before 13.11.5, all versions starting from 13.12.0 before 13.12.2. Insufficient expired password validation in various operations allow user to maintain limited...

SUSE-SU-2021:0906-1 Security update for SUSE Manager Server 4.1

This update fixes the following issues: cobbler: - Fix string replacement for @@xyz@@ - Better performing string replacements grafana-formula: - Set supported to false for unsupported systems bsc1182001 - Add SLES 15 SP3 and openSUSE Leap 15.3 to supported versions mgr-libmod: - Fix 'listmodules'...

CVE-2016-7654

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of...

CVE-2013-0384

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema...