40 matches found
USN-8492-1 linux, linux-aws, linux-aws-fips, linux-gcp, linux-gcp-fips, linux-ibm, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-realtime, linux-realtime-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
Security Bulletin: IBM Security QRadar Log Management AQL Plugin is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM Security QRadar Log Management AQL Plugin has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2026-41907 DESCRIPTION: uuid is f...
CVE-2026-43165 affecting package kernel for versions less than 6.6.137.1-2
CVE-2026-43165 affecting package kernel for versions less than 6.6.137.1-2. An upgraded version of the package is available that resolves this issue...
USN-8142-1: Linux kernel vulnerability
A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control;...
Advisory ROSA-SA-2026-3248
software: exim 4.99.1 OS: ROSA-CHROME unaffected versions = exim-4.99.1-1 affected versions exim-4.99.1-1 CVE-ID: CVE-2025-67896 BDU-ID: 2026-00906 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Exim mail server is related to a buffer overflow in dynamic memory. Exploitation of the...
CVE-2025-39945 affecting package kernel for versions less than 5.15.200.1-1
CVE-2025-39945 affecting package kernel for versions less than 5.15.200.1-1. An upgraded version of the package is available that resolves this issue...
USN-7995-1 openjdk-25 vulnerabilities
It was discovered that the RMI component of OpenJDK 25 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
Security update for samba (critical)
openSUSE security update: security update for samba ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20048-1 Rating: critical References: bsc1249087 bsc1249179 bsc1249180 bsc1249181 bsc1251279 bsc1251280 Cross-References: CVE-2025-10230 CVE-2025-9640...
TencentOS Server 4: mozjs (TSSA-2025:0366)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0366 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
USN-7685-4: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; - SMB network file syste...
USN-7553-4: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Clock framework and drivers; - GPU drivers; - Parport drivers; - Ext4 file system; - JFFS2 file system; - JFS file...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update
An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...
CVE-2024-44179
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15. An attacker with physical access to a device may be able to read contact numbers from the lock screen...
openSUSE Security Advisory (openSUSE-SU-2025:0077-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-27157
Mastodon is a self-hosted, federated microblogging platform. Starting in version 4.2.0 and prior to versions 4.2.16 and 4.3.4, the rate limits are missing on /auth/setup. Without those rate limits, an attacker can craft requests that will send an email to an arbitrary addresses. Versions 4.2.16 a...
PT-2025-3686
Name of the Vulnerable Software and Affected Versions Arm Ltd Bifrost GPU Kernel Driver versions r44p1, from r46p0 through r49p0, from r50p0 through r51p0 Arm Ltd Valhall GPU Kernel Driver versions r44p1, from r46p0 through r49p0, from r50p0 through r51p0 Arm Ltd Arm 5th Gen GPU Architecture Kern...
CVE-2024-53091 bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx
In the Linux kernel, the following vulnerability has been resolved: bpf: Add skisinet and ISICSK check in tlsswhasctxtx/rx As the introduction of the support for vsock and unix sockets in sockmap, tlsswhasctxtx/rx cannot presume the socket passed in must be ISICSK. vsock and afunix sockets have...
USN-7071-1: Linux kernel vulnerability
A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; CVE-2024-45016...
SUSE-SU-2023:2280-1 Security update for rmt-server
This update for rmt-server fixes the following issues: Updated to version 2.13: - CVE-2023-28120: Fixed a potential XSS issue in an embedded dependency bsc1209507. - CVE-2023-27530: Fixed a denial of service issue in multipart request parsing bsc1209096. Non-security fixes: - Fixed transactional...
Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities (CVE-2022-22345, CVE-2020-8022, CVE-2021-33813, CVE-2020-9488)
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-22345 DESCRIPTION: IBM QRadar is vulnerable to cross-site scripting. Thi...