Fedora 43 : kernel (2026-5e5a0f9621)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5e5a0f9621 advisory. The 7.0.7 stable kernel update contains a number of important fixes across the tree. It also patches up a vulnerable codepath for fragnesia that was not in t...

Minor update for Vivaldi Android Browser 7.9

Head to the Google Play Store and download the browser. Alternatively, you can download Vivaldi from Uptodown, the Android app store. Your rating for our browser matters. ⭐️ ⭐️ ⭐️ ⭐️ ⭐️ Enjoy! Changelog The following is a list of changes since the initial 7.9 stable release: Upgraded to...

SUSE-SU-2025:21110-1 Security update for kernel-livepatch-MICRO-6-0_Update_7

This update for kernel-livepatch-MICRO-6-0Update7 fixes the following issues: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...

Security Bulletin: IBM QRadar SIEM is affected by cross-site scripting (CVE-2025-36170, CVE-2025-36138)

Summary IBM QRadar SIEM is affected by cross-site scripting . IBM has addressed the issue in the latest update. Vulnerability Details CVEID:CVE-2025-36170 DESCRIPTION: IBM QRadar is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_7

This update for kernel-livepatch-MICRO-6-0-RTUpdate7 fixes the following issues: CVE-2025-22115: btrfs: fix block group refcount race in btrfscreatependingblockgroups bsc1241579 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

CVE-2025-22459

Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to intercept limited traffic between clients and servers...

CVE-2025-22458

DLL hijacking in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an authenticated attacker to escalate to System...

PT-2024-33318 · WordPress · Seopress

Name of the Vulnerable Software and Affected Versions: SEOPress WordPress plugin versions prior to 7.8 Description: The issue concerns the SEOPress WordPress plugin, where certain Post settings are not properly sanitized and escaped, potentially allowing high-privilege users, such as contributors...

PT-2024-21968 · Unknown · Numbas Editor

Name of the Vulnerable Software and Affected Versions: Numbas editor versions prior to 7.3 Description: The issue concerns the mishandling of reading themes and extensions in the Numbas editor. Recommendations: For versions prior to 7.3, update to version 7.3 or later to resolve the issue...

PT-2024-13940 · Couchbase · Couchbase Server

Name of the Vulnerable Software and Affected Versions: Couchbase Server versions 7.1.5 through 7.2.3 Description: An issue was discovered in Couchbase Server where ns server admin credentials are leaked in encoded form in the diag.log file. Recommendations: For Couchbase Server versions 7.1.5...

PT-2024-7416 · Unknown · Ember Znet

Name of the Vulnerable Software and Affected Versions: Ember ZNet versions prior to 7.4.0 Description: The issue is related to the possibility of manipulating the NWK sequence number, which can lead to a denial of service attack. This could allow a remote attacker to cause a service disruption...

PT-2023-5994 · Fortinet · Fortimanager +1

Name of the Vulnerable Software and Affected Versions: Fortinet FortiManager versions 7.4.0 and before 7.2.3 Fortinet FortiAnalyzer versions 7.4.0 and before 7.2.3 Description: The issue is related to the implementation of client-side security features. It may allow a remote attacker with low...

CVE-2023-39419

A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the...

CVE-2023-39188

A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the curre...

CVE-2023-39187

A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the curre...

CVE-2023-39184

A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PSM files. This could allow an attacker to execute code in the context of the curre...

CVE-2023-39181

A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the curren...

CVE-2023-39182

A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the curre...

PT-2023-4231 · Siemens · Solid Edge

Name of the Vulnerable Software and Affected Versions: Solid Edge SE2023 versions prior to V223.0 Update 7 Description: A vulnerability has been identified that involves an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an...

Vulnerabilities fixed in Microfocus ArcSight Logger

Micro Focus has fixed vulnerabilities in ArcSight Logger. A malicious party could exploit the vulnerabilities to launch a Cross-site Scripting attack, or an XML External Entity Injection. Such an attack can lead to execution of arbitrary code in the context of the victim's browser, or access data...