6009 matches found
Updated opencontainers-runc packages fix security vulnerabilities
The way masked paths are implemented in runc can be exploited to cause the host system to crash or halt CVE-2025-31133 and a flaw in /dev/console bind-mounts can lead to container escape CVE-2025-52565. Also, arbitrary write gadgets and procfs write redirects could be used to engineer container...
Updated libxml2 & libxslt packages fix security vulnerabilities
Heap use after free UAF leads to Denial of service DoS. CVE-2025-49794 Null pointer dereference leads to Denial of service DoS. CVE-2025-49795 Type confusion leads to Denial of service DoS. CVE-2025-49796 Integer Overflow Leading to Buffer Overflow in xmlBuildQName. CVE-2025-6021 Stack-based Buff...
Updated xen packages fix security vulnerabilities
Double unlock in x86 guest IRQ handling. CVE-2024-31143 Xapi: Metadata injection attack against backup/restore functionality. CVE-2024-31144 Error handling in x86 IOMMU identity mapping. CVE-2024-31145 PCI device pass-through with shared resources. CVE-2024-31146 x86: Deadlock in vlapicerror...
Updated dcmtk packages fix security vulnerabilities
A vulnerability was identified in DCMTK up to 3.6.9. This affects an unknown function in the library dcmimage/include/dcmtk/dcmimage/diybrpxt.h of the component dcm2img. Such manipulation leads to memory corruption. Local access is required to approach this attack. The name of the patch is...
Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerabilities
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...
Updated sqlite3 packages fix security vulnerability
Integer Truncation on SQLite. CVE-2025-6965...
Updated libvpx packages fix security vulnerability
Double-free in libvpx encoder. CVE-2025-5283...
Updated gstreamer1.0-plugins-bad packages fix security vulnerability
GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. CVE-2025-3887...
Updated x11-server, x11-server-xwayland & tigervnc packages fix security vulnerabilities
Use-after-free in XPresentNotify structures creation. CVE-2025-62229 Use-after-free in Xkb client resource removal. CVE-2025-62230 Value overflow in Xkb extension XkbSetCompatMap. CVE-2025-62231...
Updated net-tools packages fix security vulnerability
net-tools Stack-based Buffer Overflow vulnerability. CVE-2025-46836...
Updated mediawiki packages fix security vulnerabilities
i18n XSS vulnerability in HTMLMultiSelectField when sections are used. CVE-2025-3469 "reupload-own" restriction can be bypassed by reverting file. CVE-2025-32696 Cascading protection is not preventing file reversions. CVE-2025-32697 LogPager.php: Restriction enforcer functions do not correctly...
Updated binutils packages fix security vulnerabilities
GNU Binutils format.c bfdsetformat memory corruption. CVE-2025-1153 GNU Binutils ld elflink.c bfdelfgcmarkrsec heap-based overflow. CVE-2025-1176 GNU Binutils ld libbfd.c bfdputl64 memory corruption. CVE-2025-1178 GNU Binutils ld elflink.c bfdelfgcmarkrsec memory corruption. CVE-2025-1181 GNU...
Updated libsoup3 & libsoup packages fix security vulnerabilities
Libsoup: heap buffer over-read in skipinsignificantspace when sniffing content. CVE-2025-2784 Libsoup: denial of service attack to websocket server. CVE-2025-32049 Libsoup: integer overflow in appendparamquoted. CVE-2025-32050 Libsoup: segmentation fault when parsing malformed data uri...
Updated microcode packages fix security vulnerability
AMD CPU Microcode Signature Verification Vulnerability. CVE-2024-36347...
Updated golang packages fix security vulnerabilities
Insufficient validation of bracketed IPv6 hostnames in net/url. CVE-2025-47912 Unbounded allocation when parsing GNU sparse map in archive/tar. CVE-2025-58183 Parsing DER payload can cause memory exhaustion in encoding/asn1. CVE-2025-58185 Lack of limit when parsing cookies can cause memory...
Updated libavif packages fix security vulnerabilities
In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream-offset+size. CVE-2025-48174 In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes...
Updated bind packages fix security vulnerabilities
Resource exhaustion via malformed DNSKEY handling CVE-2025-8677. Cache poisoning attacks with unsolicited RRs CVE-2025-40778. Cache poisoning due to weak PRNG CVE-2025-40780...
Updated transfig packages fix security vulnerabilities
fig2dev stack-overflow. CVE-2025-46397 fig2dev stack-overflow via readobjects. CVE-2025-46398 fig2dev segmentation fault vulnerability. CVE-2025-46399 fig2dev segmentation fault in readarcobject. CVE-2025-46400...
Updated sope packages fix security vulnerability
It was discovered that sope, the set of Objective-C frameworks powering SOGo, contains a DoS bug which could cause a crash CVE-2025-53603...
Updated libtiff packages fix security vulnerabilities
LibTIFF fax2ps tiff2pdf.c t2preadtiffinit null pointer dereference. CVE-2024-13978 LibTIFF tiffmedian.c gethistogram use after free. CVE-2025-8176 LibTIFF thumbnail.c setrow buffer overflow. CVE-2025-8177 libtiff tiff2ps tiff2ps.c PSLvl2page null pointer dereference. CVE-2025-8534 LibTIFF tiffcro...
Updated tomcat packages fix security vulnerabilities
Directory traversal via rewrite with possible RCE if PUT is enabled. CVE-2025-55752 Console manipulation via escape sequences in log messages. CVE-2025-55754 Delayed cleaning of multi-part upload temporary files may lead to DoS. CVE-2025-61795...
Updated poppler packages fix security vulnerability
Use After Free UAF in Poppler. CVE-2025-52885...
Updated libtpms package fixes security vulnerability
It was discovered that libtpms had a potential out-of-bound access & abort due to HMAC signing issue CVE-2025-49133...
Updated icu packages fix security vulnerability
A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...
Updated firefox, nss & rootcerts fix security vulnerabilities
CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could ...
Updated thunderbird packgaes fix security vulnerabilities
CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could ...
Updated openssl packages fix a security vulnerability
Out-of-bounds read & write in RFC 3211 KEK Unwrap. CVE-2025-9230...
Updated python-django packages fix a security vulnerability
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the kwarg...
Updated nginx package fixes security vulnerability
It was discovered that nginx contains a security issue in the ngxmailsmtpmodule which might allow an attacker to cause buffer over-read potentially resulting in sensitive information leak in a HTTP request to the authentication server CVE-2025-53859...
Updated haproxy packages fix security vulnerability & bugs
Haproxy has a critical, a major, few medium and few minor bugs fixed in the last upstream version 2.8.16 of branch 2.8. Fixed critical bug list: - mjson: fix possible DoS when parsing numbers Fixed major bug list: - listeners: transfer connection accounting when switching listeners Fixed medium...
Updated quictls packages with two security issues and bug fixes
Two security issues and miscellaneous minor bug fixes. Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. CVE-2025-9230 Fix Out-of-bounds read in HTTP client noproxy handling. CVE-2025-9232...
Updated expat packages fix security vulnerabilities
Improper restriction of xml entity expansion depth in libexpat. CVE-2024-8176 This is an extension of the fix published in MGASA-2025-0109 that was determined by upstream to be incomplete. Libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small...
Updated varnish & lighttpd packages fix security vulnerability
It was discovered that a denial of service attack can be performed on cache servers that have the HTTP/2 protocol turned on. An attacker can create a large number of streams and immediately reset them without ever reaching the maximum number of concurrent streams allowed for the session, causing...
Updated fetchmail package fixes security vulnerability
It was discovered that fetchmail's SMTP client, when configured to authenticate, is susceptible to a protocol violation where, when a trusted but malicious or malfunctioning SMTP server responds to an authentication request with a "334" code but without a following blank on the line, it will...
Updated open-vm-tools package fixes security vulnerability
It was discovered that open-vm-tools contains a local privilege escalation vulnerability. A malicious actor with non-administrative privileges on a guest VM may exploit this vulnerability to escalate privileges to root on the same VM CVE-2025-41244...
Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities
Upstream kernel version 6.6.105 fixes bugs and vulnerabilities. The kmod-virtualbox & kmod-xtables-addons packages have been updated to work with this new kernel. The newer meta-task and mageia-repos packages are required to simplify the correct installation of the kernel-stable-userspace-headers...
Updated microcode packages fix security vulnerabilities
The updated package updates AMD cpu microcode for processor family 19h, adds AMD cpu microcode for processor family 1ah and fixes security vulnerabilities for Intel processors: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel® Processors may allow an...
Updated kernel-linus packages fix security vulnerabilities
Vanilla upstream kernel version 6.6.105 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links...
Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerabilities
Better Glyph drawing. CVE-2025-30749 Enhance TLS protocol support. CVE-2025-30754 Improve scripting supports. CVE-2025-30761 Improve HTTP client header handling. CVE-2025-50059 Better Glyph drawing redux. CVE-2025-50106...
Updated curl packages fix security vulnerability
curl is susceptible to an out-of-bounds read in the cookie handler that could either cause a crash or potentially make allow a clear-text site to override the contents of a secure cookie. This release also fixes a rare memory leak in HTTP trailers...
Updated postgresql15 & postgresql13 packages fix security vulnerabilities
PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table. CVE-2025-8713 PostgreSQL pgdump lets superuser of origin server execute arbitrary code in psql client. CVE-2025-8714 PostgreSQL pgdump newline in object name executes arbitrary code in psql client an...
Updated python-django packages fix security vulnerability
Potential SQL injection in FilteredRelation column aliases. CVE-2025-57833...
Updated udisks2 packages fix a security vulnerability
Out-of-bounds read in udisks daemon. CVE-2025-8067...
Updated rootcerts, nspr, nss & firefox packages fix vulnerabilities
JavaScript engine only wrote partial return value to stack. CVE-2025-8027 Large branch table could lead to truncated instruction. CVE-2025-8028 Javascript: URLs executed on object and embed tags. CVE-2025-8029 Potential user-assisted code execution in “Copy as cURL” command. CVE-2025-8030 Incorre...
Updated thunderbird packages fix vulnerabilities
Use-after-free in FontFaceSet. CVE-2025-6424 The WebCompat WebExtension shipped exposed a persistent UUID. CVE-2025-6425 Incorrect parsing of URLs could have allowed embedding of youtube.com. CVE-2025-6429 Content-Disposition header ignored when a file is included in an embed or object tag...
Updated vim packages fix vulnerabilities
Path traversal issue with tar.vim and special crafted tar archives in Vim 9.1.1552. CVE-2025-53905 Path traversal issue with zip.vim and special crafted zip archives in Vim v9.1.1551. CVE-2025-53906...
Updated gnutls packages fix vulnerabilities
null pointer dereference in gnutlsfigurecommonciphersuite. CVE-2025-6395 Vulnerability in gnutls othername san export. CVE-2025-32988 Vulnerability in gnutls sct extension parsing. CVE-2025-32989 Vulnerability in gnutls certtool template parsing. CVE-2025-32990...
Updated aide packages fix vulnerabilities
Improper output neutralization potential AIDE detection bypass. CVE-2025-54389 Null pointer dereference after reading incorrectly encoded xattr attributes from database local DoS. CVE-2025-54409...
Updated tomcat packages fix vulnerabilities
APR/Native Connector crash leading to DoS. CVE-2025-52434 DoS via integer overflow in multipart file upload. CVE-2025-52520 DoS via excessive h2 streams at connection start. CVE-2025-53506 H2 DoS - Made You Reset. CVE-2025-48989...
Updated golang packages fix vulnerabilities
LookPath may return unexpected paths, CVE-2025-47906. incorrect results returned from Rows.Scan, CVE-2025-47907. These packages fix the issues for the compiler only; applications using the functions still need to be rebuilt...