php:8.3 security update

An update is available for php-pecl-zip, module.php-pecl-apcu, php-pecl-xdebug3, module.php, php-pecl-redis6, module.php-pecl-xdebug3, php-pecl-rrd, php, module.php-pecl-zip, php-pecl-apcu, module.php-pecl-redis6, module.php-pecl-rrd. This update affects Rocky Linux 9. A Common Vulnerability...

RLSA-2025:7432 Moderate: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...

CVE-2025-54129

HAXiam is a packaging wrapper for HAXcms which allows anyone to spawn their own microsite management platform. In versions 11.0.4 and below, the application returns a 200 response when requesting the data of a valid user and a 404 response when requesting the data of an invalid user. This can be...

CLSA-2025-1753299555 traceroute: Fix of CVE-2023-46316

CVE-2023-46316: parse command lines properly in wrapper scripts...

MAL-2025-6155 Malicious code in community-pass-react-native-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45d465e1a0ba3936c02d875635041ba0362e96dee19c7f7d727391a4bdcb5dc9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

drm/amd/display: check stream id dml21 wrapper to get plane_id

...

SUSE-SU-2025:02254-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. - CVE-2024-49568: net/smc: check v2extoffset/eidcnt/ismgidcnt when...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible reference leak in the espintcp wrapper socket cache...

SUSE CVE-2025-38091

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check stream id dml21 wrapper to get planeid Why & How Fix a false positive warning which occurs due to lack of correct checks when querying planeid in DML21. This fixes the warning when performing a mode1 reset...

DEBIAN-CVE-2025-38091

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check stream id dml21 wrapper to get planeid Why & How Fix a false positive warning which occurs due to lack of correct checks when querying planeid in DML21. This fixes the warning when performing a mode1 reset...

CVE-2025-38091 drm/amd/display: check stream id dml21 wrapper to get plane_id

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check stream id dml21 wrapper to get planeid Why & How Fix a false positive warning which occurs due to lack of correct checks when querying planeid in DML21. This fixes the warning when performing a mode1 reset...

Malicious code in price_wrapper (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f5ebf05195379c1b9f9c6c4d2e95b165168168a4ebba5c036cc803789ac46d2 Any computer that has this package installed or running should be considered...

MAL-2025-5074 Malicious code in build-react-wrapper (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in build-react-wrapper (npm)

--- -= Per source details. Do not edit below this line.=-...

VulnCheck KEV: CVE-2014-2383

dompdf.php in dompdf before 0.6.1, when DOMPDFENABLEPHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the inputfile parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in...

Malicious code in yaml-mcp-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63f698f000e6c4702e971dcd3923f64bd9039710fde38e7329b170ba0266ac01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4635 Malicious code in yaml-mcp-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63f698f000e6c4702e971dcd3923f64bd9039710fde38e7329b170ba0266ac01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

[SECURITY] Fedora 41 Update: rust-rusqlite-0.31.0-6.fc41

Ergonomic wrapper for SQLite...

[SECURITY] Fedora 42 Update: rust-rusqlite-0.31.0-6.fc42

Ergonomic wrapper for SQLite...

SUSE-SU-2025:20361-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2025-4802: elf: Ignore LDLIBRARYPATH and debug env var for setuid for static bsc1243317 - pthreads NPTL: lost wakeup fix 2 bsc1234128, BZ 25847 - Mark functions in libcnonshared.a as hidden bsc1239883 - Linux: Switch back to assembly syscall...