1084 matches found
kernel security update
5.14.0-570.25.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
traefik2-2.11.26-1.1 on GA media (moderate)
traefik2-2.11.26-1.1 on GA media Announcement ID: openSUSE-SU-2025:15305-1 Rating: moderate Cross-References: CVE-2024-28180 CVE-2024-45338 CVE-2025-22868 CVE-2025-22869 CVE-2025-22871 CVE-2025-22872 CVE-2025-27144 CVE-2025-32431 CVE-2025-47952 CVSS scores: CVE-2024-28180 SUSE : 4.3...
python311-requests-2.32.4-1.1 on GA media (moderate)
python311-requests-2.32.4-1.1 on GA media Announcement ID: openSUSE-SU-2025:15281-1 Rating: moderate Cross-References: CVE-2024-47081 CVSS scores: CVE-2024-47081 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2024-47081 SUSE : 8.2...
PT-2025-27885 · Unknown · Amazewp Fluxtore
Name of the Vulnerable Software and Affected Versions: amazewp fluXtore versions 1.6.0 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured access control security levels. Recommendations: For amazewp...
Security Bulletin: Multiple Vulnerabilities in IBM Event Streams
Summary Multiple vulnerabilities were addressed in IBM Event Streams version 11.8.1. Vulnerability Details CVEID:CVE-2024-47535 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An...
RHSA-2025:10103 Red Hat Security Advisory: microcode_ctl security update
Bulletin has no description...
python3.11 security update
3.11.11-2.1 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 - Resolves: RHEL-98045, RHEL-98015, RHEL-98238, RHEL-98177, RHEL-98206...
CVE-2025-53099 Sentry Missing Invalidation of Authorization Codes During OAuth Exchange and Revocation
Sentry is a developer-first error tracking and performance monitoring tool. Prior to version 25.5.0, an attacker with a malicious OAuth application registered with Sentry can take advantage of a race condition and improper handling of authorization code within Sentry to maintain persistence to a...
python3.12 security update
3.12.11-1 - Update to 3.12.11 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 Resolves: RHEL-98040, RHEL-98010, RHEL-97808, RHEL-98070, RHEL-98213...
Fedora: Security Advisory (FEDORA-2025-ddcd03b103)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:02146-1 Security update for the Linux Kernel (Live Patch 54 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059195 fixes one issue. The following security issue was fixed: - CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream bsc1238730...
SUSE-SU-2025:02134-1 Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024133 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing...
[SECURITY] [DSA 5949-1] libxml2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5949-1 [email protected] https://www.debian.org/security/ Aron Xu June 26, 2025 https://www.debian.org/security/faq - -------------------------------------------------------------------------...
ALSA-2025:9581 Moderate: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: cifs: fix double free race when mount fails in cifsgetroot CVE-2022-48919 kernel: security/keys: fix slab-out-of-bounds in...
Photon OS 5.0: Wireshark PHSA-2025-5.0-0537
An update of the wireshark package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0537. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
ALSA-2025:9634 Moderate: osbuild-composer security update
A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes: net/http:...
Moderate: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: cifs: fix double free race when mount fails in cifsgetroot CVE-2022-48919 kernel: security/keys: fix slab-out-of-bounds in...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-140.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements, and moves to th...
3.3 bug fix and enhancement update
An update is available for rubygem-pg, module.rubygem-mysql2, rubygem-mysql2, module.rubygem-pg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed...
Moderate: krb5 security update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...