44 matches found
EUVD-2025-7996
Malicious code in bioql PyPI...
EUVD-2024-1212
Malicious code in bioql PyPI...
SUSE: Security Advisory (SUSE-SU-2025:03150-1)
The remote host is missing an update for the...
TencentOS Server 4: libheif (TSSA-2025:0631)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0631 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
php8-8.4.10-1.1 on GA media (moderate)
php8-8.4.10-1.1 on GA media Announcement ID: openSUSE-SU-2025:15340-1 Rating: moderate Cross-References: CVE-2025-1220 CVE-2025-1735 CVE-2025-6491 CVSS scores: CVE-2025-1220 SUSE : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2025-1220 SUSE : 9.1...
CVE-2025-23166 affecting package nodejs for versions less than 20.14.0-9
CVE-2025-23166 affecting package nodejs for versions less than 20.14.0-9. A patched version of the package is available...
SUSE SLES15 : Recommended update for podman (SUSE-SU-SUSE-RU-2025:02092-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-RU-2025:02092-1 advisory. - Added patch to remove using rw as a default mount option bsc1239776 Tenable has extracted the preceding description bloc...
Debian dla-4216 : libcjson-dev - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4216 advisory. Debian LTS Advisory DLA-4216-1...
PT-2025-24632 · Undefined · Undefined
CISA has just added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Erlang OTP CVE-2024-39992, OpenSSH CVE-2024-39993, Roundcube Webmail CVE-2024-39994. These vulnerabilities are actively being exploited in the wild and must be patched by June 25, 2025, as per Binding...
PT-2025-24633 · Undefined · Undefined
CISA has just added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Erlang OTP CVE-2024-39992, OpenSSH CVE-2024-39993, Roundcube Webmail CVE-2024-39994. These vulnerabilities are actively being exploited in the wild and must be patched by June 25, 2025, as per Binding...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2025-073 (ALASKERNEL-5.15-2025-073)
The version of kernel installed on the remote host is prior to 5.15.184-125.190. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-073 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data...
CVE-2025-46570 vLLM’s Chunk-Based Prefix Caching Vulnerable to Potential Timing Side-Channel
vLLM is an inference and serving engine for large language models (LLMs). Prior to version 0.9.0, when a new prompt is processed, if the PageAttention mechanism finds a matching prefix chunk, the prefill process speeds up, which is reflected in the TTFT (Time to First Token). These timing differences...
grype-0.92.1-1.1 on GA media (moderate)
grype-0.92.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15136-1 Rating: moderate Cross-References: CVE-2021-3711 CVE-2022-2068 CVSS scores: CVE-2021-3711 SUSE : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-2068 SUSE : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Affected...
CVE-2025-31262
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to modify protected parts of the file system...
Alibaba Cloud Linux 3 : 0019: wpa_supplicant (ALINUX3-SA-2021:0019)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0019 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-16275: hostapd before 2.10 and...
CVE-2025-31497
TEIGarage’s Document Conversion Service is affected by a critical XML External Entity (XXE) injection in versions prior to 1.2.4. The vulnerability arises because external entity processing is not disabled during XML processing, allowing an attacker to read arbitrary files from the server filesys...
GHSA-FFQC-F68H-QQ8W vulnerabilities
Vulnerabilities for packages: patch...
RHSA-2025:0903 Red Hat Security Advisory: libsoup security update
Bulletin has no description...
ansible-core-2.17-2.17.6-1.1 on GA media (moderate)
ansible-core-2.17-2.17.6-1.1 on GA media Announcement ID: openSUSE-SU-2024:14537-1 Rating: moderate Cross-References: CVE-2023-5115 CVE-2023-5764 CVE-2024-0690 CVE-2024-8775 CVE-2024-9902 CVSS scores: CVE-2023-5115 SUSE : 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N CVE-2023-5764 SUSE : 6.6...
libjxl-devel-0.11.1-1.1 on GA media (moderate)
libjxl-devel-0.11.1-1.1 on GA media Announcement ID: openSUSE-SU-2024:14531-1 Rating: moderate Cross-References: CVE-2024-11403 CVE-2024-11498 CVSS scores: CVE-2024-11403 SUSE : 6.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L CVE-2024-11498 SUSE : 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H...