CVE-2024-49897 affecting package kernel for versions less than 6.6.64.2-9
CVE-2024-49897 affecting package kernel for versions less than 6.6.64.2-9. A patched version of the package is available...
CVE-2023-52920 affecting package kernel for versions less than 6.6.64.2-9
CVE-2023-52920 affecting package kernel for versions less than 6.6.64.2-9. A patched version of the package is available...
CVE-2024-56599 affecting package kernel for versions less than 6.6.76.1-1
CVE-2024-56599 affecting package kernel for versions less than 6.6.76.1-1. A patched version of the package is available...
CVE-2024-43911 affecting package kernel for versions less than 6.6.64.2-9
CVE-2024-43911 affecting package kernel for versions less than 6.6.64.2-9. A patched version of the package is available...
CVE-2024-44940 affecting package kernel for versions less than 5.15.176.3-1
CVE-2024-44940 affecting package kernel for versions less than 5.15.176.3-1. A patched version of the package is available...
CVE-2024-53122 affecting package kernel for versions less than 5.15.176.3-1
CVE-2024-53122 affecting package kernel for versions less than 5.15.176.3-1. A patched version of the package is available...
CVE-2024-46841 affecting package kernel for versions less than 5.15.176.3-1
CVE-2024-46841 affecting package kernel for versions less than 5.15.176.3-1. A patched version of the package is available...
CVE-2024-56766 affecting package kernel for versions less than 5.15.176.3-1
CVE-2024-56766 affecting package kernel for versions less than 5.15.176.3-1. A patched version of the package is available...
USN-7299-4 xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04 regression
USN-7299-2 fixed vulnerabilities in X.Org X Server. This fix caused a regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fixes the regression and re-applies the fix for the CVE listed. We apologize for the inconvenience. Original advisory details: Jan-Niklas Sohn discovered that the X.Org...
CVE-2025-29771
HtmlSanitizer (client-side HTML sanitizer) is affected: versions prior to 2.0.3 are vulnerable to cross-site scripting when used with a contentEditable element that sets innerHTML to a sanitized string. The issue is caused by the code beautifier running after sanitation, enabling XSS. remediation...
USN-7343-2: Jinja2 regression
USN-7343-1 fixed vulnerabilities in Jinja2. The update introduced a regression when attempting to import Jinja2 on Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Rafal Krupinski discovered that Jinja2 did not...
CVE-2025-27792 Opal vulnerable to CSRF protection bypass
Opal is OBiBa’s core database application for biobanks or epidemiological studies. Prior to version 5.1.1, the protections against cross-site request forgery (CSRF) were insufficient application-wide. The referrer header is checked, and if it is invalid, the server returns 403. However, the referre...
CVE-2025-27101 Broken Access Control in Opal filesystem's copy functionality exposes all user data
Opal is OBiBa’s core database application for biobanks or epidemiological studies. Prior to version 5.1.1, when copying any parent directory to a folder in the /temp/ directory, all files in that parent directory are copied, including files which the user should not have access to. All users of t...
CLSA-2025-1741629091 libxml2: Fix of CVE-2025-27113
CVE-2025-27113: fix compilation of explicit child axis...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
CVE-2025-0337 Authorization bypass in Now Platform
ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access unauthorized data stored within the Now Platform that the user otherwise wou...
Linux Distros Unpatched Vulnerability : CVE-2024-47880
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the export-rows command can be used in such a way that it reflects...
Linux Distros Unpatched Vulnerability : CVE-2024-53137
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ARM: fix cacheflush with PAN. It seems that the cacheflush syscall got broken when PAN for LP...
Linux Distros Unpatched Vulnerability : CVE-2024-57887
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm: adv7511: Fix use-after-free in adv7533_attach_dsi. The host_node pointer was assigned and freed in adv7533_parse_dt, and later, adv7533_attach_dsi uses the same. F...
Linux Distros Unpatched Vulnerability : CVE-2024-53236
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xsk: Free skb when TX metadata options are invalid. When a new skb is allocated for...