SUSE SLED15 / SLES15 / openSUSE 15 Security Update : webkit2gtk3 (SUSE-SU-2026:1364-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1364-1 advisory. Update to version 2.52.0. Security issues fixed: - CVE-2023-43010: processing maliciously crafte...

SUSE-SU-2026:1364-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.52.0. Security issues fixed: - CVE-2023-43010: processing maliciously crafted web content may lead to memory corruption bsc1259950. - CVE-2025-31223: processing maliciously crafted web content may lead to memory corruptio...

SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2026:1139-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1139-1 advisory. Update to version 2.52.0: - CVE-2023-43010: processing maliciously crafted web content may lead to memory corruption bsc1259950. -...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.52.0: CVE-2023-43010: processing maliciously crafted web content may lead to memory corruption bsc1259950. CVE-2025-31223: processing maliciously crafted web content may lead to memory corruption bsc1259949. CVE-2025-3127...

VulnCheck KEV: CVE-2025-62593

Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense us...

Missing Authentication for Critical Function

Overview org.apache.activemq:artemis-server is a server package for the ActiveMQ-Artemis project. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the Core protocol implementation. A malicious broker can force a broker to establish an outbound...

Arbitrary Code Injection

Overview ray is an A system for parallel and distributed Python that unifies the ML ecosystem. Affected versions of this package are vulnerable to Arbitrary Code Injection via insufficient validation of the User-Agent header in browser requests. An attacker can execute arbitrary code on the host...

CVE-2025-62593

CVE-2025-62593 affects Ray (AI compute engine) prior to version 2.52.0, with a critical RCE risk exposed through browser-based attacks. The root cause is an insufficient guard that relies on the User-Agent header starting with 'Mozilla' as a defense, which is bypassable via fetch header manipulat...

CVE-2025-62593 Ray is vulnerable to RCE via Safari & Firefox Browsers through DNS Rebinding Attack

Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense us...

CVE-2025-62593 Ray is vulnerable to RCE via Safari & Firefox Browsers through DNS Rebinding Attack

Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense us...