CVE-2025-37836 affecting package kernel for versions less than 6.6.92.2-1

CVE-2025-37836 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-21585 affecting package mysql for versions less than 8.0.42-1

CVE-2025-21585 affecting package mysql for versions less than 8.0.42-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-51443

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.11, when handling DTLS-SRTP for media setup, FreeSWITCH is susceptible to Denial of Service...

SUSE-SU-2025:0618-1 Security update for postgresql17

This update for postgresql17 fixes the following issues: Upgrade to 17.4: - CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093...

CVE-2023-49109

Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue...

CVE-2023-22499 Interactive permission prompt spoofing in Deno

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the...

Syslog-ng: Denial of service

Background Syslog-ng is a flexible and scalable system logger. Description Oriol Carreras reported a NULL pointer dereference in the logmsgparse function when processing timestamps without a terminating whitespace character. Impact A remote attacker could send a specially crafted event to a...