
2770 matches found

CBLMariner
added 2025/03/17 9:13 p.m. | 5 views

CVE-2024-53122 affecting package kernel for versions less than 5.15.176.3-1

CVE-2024-53122 affecting package kernel for versions less than 5.15.176.3-1. A patched version of the package is available...

CVSS 5.5 | AI score 7 | EPSS 0.00199 | Exploits 0

CBLMariner
added 2025/03/17 9:13 p.m. | 7 views

CVE-2024-44940 affecting package kernel for versions less than 5.15.176.3-1

CVE-2024-44940 affecting package kernel for versions less than 5.15.176.3-1. A patched version of the package is available...

CVSS 7.8 | AI score 6.9 | EPSS 0.00245 | Exploits 0

CBLMariner
added 2025/03/17 3:7 p.m. | 9 views

CVE-2024-56766 affecting package kernel for versions less than 5.15.176.3-1

CVE-2024-56766 affecting package kernel for versions less than 5.15.176.3-1. A patched version of the package is available...

CVSS 7.8 | AI score 6.8 | EPSS 0.00217 | Exploits 0

CBLMariner
added 2025/03/17 3:7 p.m. | 8 views

CVE-2024-46841 affecting package kernel for versions less than 5.15.176.3-1

CVE-2024-46841 affecting package kernel for versions less than 5.15.176.3-1. A patched version of the package is available...

CVSS 5.5 | AI score 6.8 | EPSS 0.00237 | Exploits 0

OSV
added 2025/03/17 8:51 a.m. | 3 views

USN-7299-4 xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04 regression

USN-7299-2 fixed vulnerabilities in X.Org X Server. This fix caused a regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fixes the regression and re-applies the fix for the CVE listed. We apologize for the inconvenience. Original advisory details: Jan-Niklas Sohn discovered that the X.Org...

CVSS 7.8 | AI score 7.3 | EPSS 0.00474 | Exploits 0 | References 10

CVE
added 2025/03/14 6:56 p.m. | 55 views

CVE-2025-29771

HtmlSanitizer (client-side HTML sanitizer) is affected: versions prior to 2.0.3 are vulnerable to cross-site scripting when used with a contentEditable element that sets innerHTML to a sanitized string. The issue is caused by the code beautifier running after sanitation, enabling XSS. remediation...

CVSS 5.3 | AI score 5.8 | EPSS 0.00373 | Exploits 0 | References 2

Ubuntu
added 2025/03/12 7:30 p.m. | 15 views

USN-7343-2: Jinja2 regression

USN-7343-1 fixed vulnerabilities in Jinja2. The update introduced a regression when attempting to import Jinja2 on Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Rafal Krupinski discovered that Jinja2 did not...

AI score 7.6 | EPSS 0.005 | Exploits 0 | References 1

OSV
added 2025/03/11 9:49 p.m. | 5 views

CVE-2025-27792 Opal vulnerable to CSRF protection bypass

Opal is OBiBa’s core database application for biobanks or epidemiological studies. Prior to version 5.1.1, the protections against cross-site request forgery (CSRF) were insufficient application-wide. The referrer header is checked, and if it is invalid, the server returns 403. However, the referre...

CVSS 8.7 | AI score 6.9 | EPSS 0.00268 | Exploits 0 | References 3

Cvelist
added 2025/03/11 9:32 p.m. | 15 views

CVE-2025-27101 Broken Access Control in Opal filesystem's copy functionality exposes all user data

Opal is OBiBa’s core database application for biobanks or epidemiological studies. Prior to version 5.1.1, when copying any parent directory to a folder in the /temp/ directory, all files in that parent directory are copied, including files which the user should not have access to. All users of t...

CVSS 8.6 | EPSS 0.00523 | Exploits 0 | References 2

OSV
added 2025/03/10 5:51 p.m. | 3 views

CLSA-2025-1741629091 libxml2: Fix of CVE-2025-27113

CVE-2025-27113: fix compilation of explicit child axis...

CVSS 7.5 | AI score 6.7 | EPSS 0.01018 | Exploits 1 | References 1

RedHat Linux
added 2025/03/10 6:13 a.m. | 11 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

CVSS 8.8 | AI score 6.7 | EPSS 0.00519 | Exploits 1 | References 10

Vulnrichment
added 2025/03/06 4:29 p.m. | 9 views

CVE-2025-0337 Authorization bypass in Now Platform

ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access unauthorized data stored within the Now Platform that the user otherwise wou...

CVSS 7.1 | AI score 6.7 | EPSS 0.0036 | Exploits 0 | References 1

Amazon
added 2025/03/06 12:0 a.m. | 4 views

Medium: jsoup

Issue Overview: jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop...

CVSS 7.5 | AI score 6.6 | EPSS 0.06873 | Exploits 0

Positive Technologies
added 2025/03/06 12:0 a.m. | 5 views

PT-2025-9984 · Unknown · Phpgurukul Pre-School Enrollment System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Pre-School Enrollment System version 1.0 Description: A critical vulnerability has been found in the PHPGurukul Pre-School Enrollment System, affecting an unknown functionality of the file "/admin/edit-class.php?cid=1". The...

CVSS 9.8 | AI score 7.5 | EPSS 0.00481 | Exploits 1 | References 9

Tenable Nessus
added 2025/03/06 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2025-0445

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...

CVSS 5.4 | AI score 7.1 | EPSS 0.0034 | Exploits 0 | References 2

Tenable Nessus
added 2025/03/06 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2024-5845

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Audio in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromiu...

CVSS 8.8 | AI score 8.1 | EPSS 0.00458 | Exploits 0 | References 2

Tenable Nessus
added 2025/03/06 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2024-6062

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swf_svg_add_iso_sample of t...

CVSS 5.5 | AI score 3.6 | EPSS 0.00346 | Exploits 1 | References 3

Tenable Nessus
added 2025/03/06 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2024-50211

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - udf: refactor inode_bmap to handle error Refactor inode_bmap to handle error since udf_next_aext can return error now. On situations like ftruncate, udf_extend_file c...

CVSS 3.3 | AI score 6.8 | EPSS 0.002 | Exploits 0 | References 4

Tenable Nessus
added 2025/03/06 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2024-57657

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the sqlg_vec_upd component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5 | AI score 7.2 | EPSS 0.0088 | Exploits 1 | References 3

Tenable Nessus
added 2025/03/06 12:0 a.m. | 12 views

Linux Distros Unpatched Vulnerability : CVE-2025-21783

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: gpiolib: Fix crash on error in gpiochip_get_ngpios The gpiochip_get_ngpios uses chip macros to...

CVSS 5.5 | AI score 6.2 | EPSS 0.00201 | Exploits 0 | References 3