GHSA-5Q38-6RWH-6R7Q vulnerabilities

Vulnerabilities for packages: linux-vmware, linux-qemu, linux-aws, linux-azure, linux-gcp...

VMware Spring Framework 资源管理错误漏洞

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware, Inc. This framework helps developers build high-quality applications. There is a resource management vulnerability in the VMware Spring Framework, where temporary files created during processing...

VMware Spring Framework 安全漏洞

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware, a US-based company. This framework helps developers build high-quality applications. There is a security vulnerability in the VMware Spring Framework, which stems from caching malicious resources duri...

VMware Spring AI SQL注入漏洞

VMware Spring AI is a development framework by the American company VMware, which integrates artificial intelligence and large language model capabilities into the Spring ecosystem. Versions 1.0.0 to 1.0.5 and 1.1.0 to 1.1.4 of VMware Spring AI contain SQL injection vulnerabilities. These...

VMware Spring Boot 安全漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. There are security vulnerabilities in versions 4.0.0 to 4.0.5, 3.5.0 to 3.5.13, 3.4.0 to 3.4.15, 3.3.0 to 3.3.18, and 2.7.0 to 2.7.32 of VMware Spring Boot. These vulnerabilities stem from a timing attack in...

VMware Spring Boot 安全特征问题漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. There are security vulnerabilities in versions 4.0.0 to 4.0.5, 3.5.0 to 3.5.13, 3.4.0 to 3.4.15, 3.3.0 to 3.3.18, and 2.7.0 to 2.7.32 of VMware Spring Boot. These vulnerabilities stem from the use of random...

VMware Spring AI 资源管理错误漏洞

VMware Spring AI is a development framework by the American company VMware, which integrates artificial intelligence and large language model capabilities into the Spring ecosystem. Versions 1.0.0 to 1.0.5 and 1.1.0 to 1.1.4 of VMware Spring AI contain resource management vulnerabilities. These...

VMware Spring Boot 安全漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. Versions of VMware Spring Boot 4.0.0 to 4.0.5 have security vulnerabilities. These vulnerabilities stem from the default web security being ineffective, which may allow unauthorized access to all endpoints...

VMware Spring AI 代码注入漏洞

VMware Spring AI is a development framework by the American company VMware, which integrates artificial intelligence and large language model capabilities into the Spring ecosystem. Versions 1.0.0 to 1.0.5, as well as 1.1.0 to 1.1.4 of VMware Spring AI, have code injection vulnerabilities. These...

Vmware Spring gRPC 安全漏洞

Vmware Spring gRPC is an extension component for Spring application development developed by Vmware, a company in the United States. Versions 1.0.0 to 1.0.2 of Vmware Spring gRPC contain security vulnerabilities. These vulnerabilities arise when authenticated users are denied access to gRPC...

VMware Spring Boot 后置链接漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. Vulnerabilities exist in versions 4.0.0 to 4.0.5, 3.5.0 to 3.5.13, 3.4.0 to 3.4.15, 3.3.0 to 3.3.18, and 2.7.0 to 2.7.32 of VMware Spring Boot. These vulnerabilities stem from issues with PID files and symbol...

VMware Spring Boot 信任管理问题漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. There are security vulnerabilities in versions 4.0.0 to 4.0.5, 3.5.0 to 3.5.13, 3.4.0 to 3.4.15, 3.3.0 to 3.3.18, and 2.7.0 to 2.7.32 of VMware Spring Boot. These vulnerabilities stem from the lack of hostnam...

VMware Spring Boot 安全漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. There are security vulnerabilities in versions 4.0.0 to 4.0.5, 3.5.0 to 3.5.13, 3.4.0 to 3.4.15, 3.3.0 to 3.3.18, and 2.7.0 to 2.7.32 of VMware Spring Boot. These vulnerabilities stem from predictable tempora...

VMware Spring AI 安全漏洞

VMware Spring AI is a development framework by the American company VMware, which integrates artificial intelligence and large language model capabilities into the Spring ecosystem. Versions 1.0.0 to 1.0.5, as well as 1.1.0 to 1.1.4 of VMware Spring AI, have security vulnerabilities. These...

Vmware Spring gRPC 安全漏洞

Vmware Spring GRPC is an extension component for Spring application development developed by Vmware, which supports GRPC communication. Versions 1.0.0 to 1.0.2 of Vmware Spring GRPC contain security vulnerabilities. These vulnerabilities stem from the fact that the original message of the...

VMware Spring AI 访问控制错误漏洞

VMware Spring AI is a development framework by the American company VMware, which integrates artificial intelligence and large language model capabilities into the Spring ecosystem. VMware Spring AI has a access control vulnerability; this vulnerability stems from injecting filter logic through...

VMware Spring Boot 信任管理问题漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. In versions 4.0.0 to 4.0.5 of VMware Spring Boot, there was a vulnerability related to trust management. This vulnerability stemmed from the fact that Elasticsearch’s automatic configuration during the...

VMware Spring Boot 信任管理问题漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. There were security vulnerabilities in versions 4.0.0 to 4.0.5 and 3.5.0 to 3.5.13 of VMware Spring Boot. These vulnerabilities stemmed from an issue where RabbitMQ automatically configured SSL bundles withou...

Photon OS 5.0: Python3 PHSA-2026-5.0-0830

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0830. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE-SU-2026:1606-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. - CVE-2026-23103: ipvlan: Make the addrslock be per port bsc1257773. - CVE-2026-23243: RDMA/umad: Reject...