SUSE SLES16 Security Update : ImageMagick (SUSE-SU-2025:21211-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:21211-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. -...

openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2025:20162-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20162-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807:...

CVE-2025-65855

The OTA firmware update mechanism in Netun Solutions HelpFlash IoT firmware v18178221102ASCIIPRO1R550 uses hard-coded WiFi credentials identical across all devices and does not authenticate update servers or validate firmware signatures. An attacker with brief physical access can activate OTA mod...

SUSE-SU-2025:21211-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation bsc1249362. - CVE-2025-62171: incomplete fix for integer...

OPENSUSE-SU-2025:20162-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation bsc1249362. - CVE-2025-62171: incomplete fix for integer...

CVE-2025-54369

Node-SAML is a SAML library not dependent on any frameworks that runs in Node. In versions 5.0.1 and below, Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify...

Linux Distros Unpatched Vulnerability : CVE-2025-11266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability exists in the Grassroots DICOM library GDCM. The issue is triggered during parsing of a malformed DICOM file containing...

CVE-2025-11266

An out-of-bounds write vulnerability exists in the Grassroots DICOM library GDCM. The issue is triggered during parsing of a malformed DICOM file containing encapsulated PixelData fragments compressed image data stored as multiple fragments. This vulnerability leads to a segmentation fault caused...

CVE-2025-11266

An out-of-bounds write vulnerability exists in the Grassroots DICOM library GDCM. The issue is triggered during parsing of a malformed DICOM file containing encapsulated PixelData fragments compressed image data stored as multiple fragments. This vulnerability leads to a segmentation fault caused...

PT-2025-50980

Name of the Vulnerable Software and Affected Versions Grassroots DICOM library GDCM affected versions not specified Description An out-of-bounds write issue exists in the Grassroots DICOM library GDCM during the parsing of a malformed DICOM file. The issue occurs when processing encapsulated...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991161)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991161 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: prevent underflow in nfssvcdecodewriteargs Smatch complains: fs/nfsd/nfsxdr.c:341...

CVE-2025-2296

A flaw was found in EDK2 EFI Development Kit 2. This vulnerability allows an attacker to cause arbitrary command execution and impact Confidentiality, Integrity, and Availability via improper input validation by local access. Mitigation To reduce the risk by disabling direct-boot mode, ensuring a...

CLSA-2025-1765223770 xorg-x11-server: Fix of 4 CVEs

CVE-2025-9632: fix buffer overflow in XkbSetCompatMap - CVE-2025-62229: fix use-after-free condition due improper error handling during notification creation leading to DoS - CVE-2025-62230: fix use-after-free condition due freeing certain data structures without properly detaching related...

expat: integer overflow in the doProlog function

A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service...

expat: integer overflow in the doProlog function

A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service...

CVE-2023-53783 blk-iocost: fix divide by 0 error in calc_lcoefs()

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calclcoefs echo max of u64 to cost.model can cause divide by 0 error. echo 8:0 rbps=18446744073709551615 /sys/fs/cgroup/io.cost.model divide error: 0000 1 PREEMPT SMP RIP:...

CVE-2023-53783 blk-iocost: fix divide by 0 error in calc_lcoefs()

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calclcoefs echo max of u64 to cost.model can cause divide by 0 error. echo 8:0 rbps=18446744073709551615 /sys/fs/cgroup/io.cost.model divide error: 0000 1 PREEMPT SMP RIP:...

CLSA-2025-1765209523 xorg-x11-server: Fix of 4 CVEs

CVE-2025-9632: fix buffer overflow in XkbSetCompatMap - CVE-2025-62229: fix use-after-free condition due improper error handling during notification creation leading to DoS - CVE-2025-62230: fix use-after-free condition due freeing certain data structures without properly detaching related...

CLSA-2025-1765209058 xorg-x11-server: Fix of 4 CVEs

CVE-2025-9632: fix buffer overflow in XkbSetCompatMap - CVE-2025-62229: fix use-after-free condition due improper error handling during notification creation leading to DoS - CVE-2025-62230: fix use-after-free condition due freeing certain data structures without properly detaching related...

xorg: xmayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...