Lucene search
K

5412 matches found

SUSE Linux
SUSE Linux
added 2025/06/06 10:4 a.m.5 views

Security update for openssh

This update for openssh fixes the following issue: Security fixes: CVE-2025-32728: Fixed logic error in DisableForwarding option bsc1241012 Other fixes: - Fix ssh client segfault with GSSAPIKeyExchange=yes in sshkex2 due to gssapi proposal not being correctly initialized bsc1236826. The problem...

5.1CVSS7.3AI score0.00149EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2025/06/06 9:51 a.m.3 views

Security update for python-tornado

This update for python-tornado fixes the following issues: CVE-2025-47287: excessive logging when parsing malformed multipart/form-data can lead to a denial-of-service bsc1243268. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

8.7CVSS7.3AI score0.00667EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/06/05 3:44 p.m.2 views

Security update for screen

This update for screen fixes the following issues: This update also ships screen to SL Micro 6.1 Extras. also use tty fd passing after a suspend MSGCONT do not chmod the tty for multiattach, rely on tty fd passing instead bsc1242269 CVE-2025-46802 fix resume after suspend in multiuser mode Patch...

6CVSS7.2AI score0.0019EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/06/05 2:8 p.m.1 views

Security update for gimp

This update for gimp fixes the following issues: CVE-2025-2761: unvalidated user input in FLI file parsing may lead to an out-of-bounds write bsc1241691. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.1CVSS7.4AI score0.01432EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/06/05 1:53 p.m.1 views

Security update for python-cryptography

This update for python-cryptography fixes the following issues: CVE-2025-3416: openssl: use-after-free in Md::fetch and Cipher::fetch when Some... value passed as properties argument to either function bsc1242631. Patch Instructions: To install this SUSE update use the SUSE recommended installati...

6.3CVSS4.6AI score0.00452EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/06/05 1:19 p.m.1 views

Security update for opensaml

This update for opensaml fixes the following issues: CVE-2025-31335: Fixed a bug where parameter manipulation allows the forging of signed SAML messages. bsc1239889 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

4CVSS7.3AI score0.00228EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/06/05 8:36 a.m.1 views

Security update for docker

This update for docker fixes the following issues: Always clear SUSEConnect suse secrets when starting containers regardless of whether the daemon was built with SUSEConnect support. Not doing this causes containers from SUSEConnect-enabled daemons to fail to start when running with...

8.7CVSS7.3AI score0.00868EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2025/06/05 8:24 a.m.1 views

Security update for docker

This update for docker fixes the following issues: Always clear SUSEConnect suse secrets when starting containers regardless of whether the daemon was built with SUSEConnect support. Not doing this causes containers from SUSEConnect-enabled daemons to fail to start when running with...

8.7CVSS7.3AI score0.00868EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2025/06/05 7:48 a.m.5 views

Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Update to version jdk8u452 icedtea-3.35.0 Security issues fixed: CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. bsc1241274 CVE-2025-30691: unauthorized update, insert or dele...

9.1CVSS6.8AI score0.00688EPSS
Exploits0References12
SUSE Linux
SUSE Linux
added 2025/06/05 7:48 a.m.3 views

Security update for python-setuptools

This update for python-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

8.7CVSS7.5AI score0.01479EPSS
Exploits4References4
SUSE Linux
SUSE Linux
added 2025/06/05 6:52 a.m.1 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 CVE-2025-4476: Fixed NULL pointer dereference may le...

8.2CVSS6.4AI score0.00729EPSS
Exploits1References12
SUSE Linux
SUSE Linux
added 2025/06/04 5:4 p.m.1 views

Security update for libcryptopp

This update for libcryptopp fixes the following issues: CVE-2024-28285: Fixed potential leak of secret key of ElGamal encryption via fault injection bsc1224280 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7CVSS9.7AI score0.00505EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/06/04 5:2 p.m.5 views

Security update for apache-commons-beanutils

This update for apache-commons-beanutils fixes the following issues: Update to 1.11.0 CVE-2025-48734: Fixed possible arbitrary code execution vulnerability bsc1243793 Full changelog: https://commons.apache.org/proper/commons-beanutils/changes.htmla1.11.0 Patch Instructions: To install this SUSE...

8.8CVSS8.1AI score0.01495EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2025/06/04 2:11 p.m.5 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Mozilla Firefox ESR 128.11 MFSA 2025-44, bsc1243353: MFSA-TMP-2025-0001: Double-free in libvpx encoder bmo1962421 CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content bmo1960745...

6.5CVSS7AI score0.00398EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2025/06/04 2:9 p.m.3 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.10.2 MFSA 2025-40, bsc1243303: Security fixes: CVE-2025-4918: Out-of-bounds access when resolving Promise objects bmo1966612 CVE-2025-4919: Out-of-bounds access when optimizing linear sums bmo1966614...

8.8CVSS9AI score0.08917EPSS
Exploits1References6
SUSE Linux
SUSE Linux
added 2025/06/04 1:37 p.m.3 views

Security update for postgresql16

This update for postgresql16 fixes the following issues: Upgrade to 16.9: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/16.9/ Patch Instructions: To...

5.9CVSS7.2AI score0.00612EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/06/04 10:12 a.m.5 views

Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.15+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

9.1CVSS7.6AI score0.00688EPSS
Exploits0References12
SUSE Linux
SUSE Linux
added 2025/06/04 10:12 a.m.3 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 CVE-2025-4476: Fixed NULL pointer dereference may le...

8.2CVSS6.5AI score0.00729EPSS
Exploits1References12
SUSE Linux
SUSE Linux
added 2025/06/04 9:29 a.m.0 views

Security update for gnuplot

This update for gnuplot fixes the following issues: CVE-2025-31176: invalid read leads to segmentation fault on plot3dpoints bsc1240325. CVE-2025-31177: improper bounds check leads to heap-buffer overflow on utf8copyone bsc1240326. CVE-2025-31178: unvalidated user input leads to segmentation faul...

6.9CVSS6.7AI score0.00184EPSS
Exploits0References28
SUSE Linux
SUSE Linux
added 2025/06/04 9:29 a.m.2 views

Security update for python3-setuptools

This update for python3-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

8.7CVSS7.5AI score0.01479EPSS
Exploits4References4
SUSE Linux
SUSE Linux
added 2025/06/04 9:28 a.m.0 views

Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250529T205903 2025-05-29T20:59:03Z jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-3717 GO-2025-3718 GO-2025-3719 GO-2025-3720 GO-2025-3721 Update to version 0.0.20250527T2047...

7.3AI score
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/06/04 7:33 a.m.3 views

Security update for glibc

This update for glibc fixes the following issues: CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LDLIBRARYPATH bsc1243317. Patch Instructions: To install this SUSE update use the SUSE recommended...

9.4CVSS7.6AI score0.0039EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2025/06/03 1:15 p.m.1 views

Security update for 389-ds

This update for 389-ds fixes the following issues: Security fixes: CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242666 Other fixes: Enable memory accounting as SUSE disables it by default bsc1241016. Fix dsidm service getdn option failing bsc1241988...

6.3CVSS4.7AI score0.00452EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2025/06/03 1:14 p.m.0 views

Security update for 389-ds

This update for 389-ds fixes the following issues: Security fixes: CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242666 Other fixes: Enable memory accounting as SUSE disables it by default bsc1241016. Fix dsidm service getdn option failing bsc1241988...

6.3CVSS4.7AI score0.00452EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2025/06/03 11:57 a.m.3 views

Security update for gnuplot

This update for gnuplot fixes the following issues: CVE-2025-31178: unvalidated user input leads to segmentation fault on GetAnnotateString bsc1240327. CVE-2025-31179: improper verification of time values leads to segmentation fault on xstrftime bsc1240328. CVE-2025-31181: double fclose call lead...

6.9CVSS7.1AI score0.00184EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2025/06/03 9:17 a.m.0 views

Security update for rubygem-rack

This update for rubygem-rack fixes the following issues: CVE-2025-46727: possible memory exhaustion due to unbounded parameter parsing in Rack::QueryParser bsc1242894. CVE-2025-32441: deleted sessions can be restored and occupied by unauthenticated users when the Rack::Session::Pool middleware is...

8.7CVSS7.6AI score0.00911EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2025/06/03 9:5 a.m.5 views

Security update for python311

This update for python311 fixes the following issues: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS. bsc1243273 Update to 3.11.12: gh-105704: When using urllib.parse.urlsplit and urllib.parse.urlparse host parsing would not reject domain names containin...

8.4CVSS9.7AI score0.33936EPSS
Exploits5References76
SUSE Linux
SUSE Linux
added 2025/06/03 9:3 a.m.12 views

Security update for elemental-toolkit

This update for elemental-toolkit fixes the following issues: Updated to v2.2.3: Adapted .golangci.yml format to a new version Simplified podman calls in CI steup Switched GHA runners to Ubuntu 24.04 Updated year in headers Vendored go.mod libraries CVE-2025-22870: golang.org/x/net/proxy: Fixed...

8.2CVSS7.3AI score0.00868EPSS
Exploits2References8
SUSE Linux
SUSE Linux
added 2025/06/03 1:15 a.m.1 views

Security update for libsoup2

This update for libsoup2 fixes the following issues: CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 CVE-2025-32906: Fixed out of bounds reads in...

8.8CVSS7.7AI score0.00798EPSS
Exploits0References32
SUSE Linux
SUSE Linux
added 2025/06/02 11:45 p.m.2 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 CVE-2025-32906: Fixed out of bounds reads in...

8.8CVSS7.5AI score0.00798EPSS
Exploits0References32
SUSE Linux
SUSE Linux
added 2025/06/02 1:28 p.m.2 views

Security update for postgresql, postgresql16, postgresql17

This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane confirme...

8.8CVSS7.4AI score0.04422EPSS
Exploits1References22
SUSE Linux
SUSE Linux
added 2025/06/02 9:4 a.m.4 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 CVE-2025-32906: Fixed out of bounds reads in...

8.8CVSS7.5AI score0.00798EPSS
Exploits0References32
SUSE Linux
SUSE Linux
added 2025/06/02 7:38 a.m.1 views

Security update for dnsdist

This update for dnsdist fixes the following issues: CVE-2025-30193: stack exhaustion when processing too many queries on incoming TCP connections leads to a denial-of-service bsc1243378. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.7CVSS7.3AI score0.00592EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/05/31 10:34 a.m.5 views

Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 45. Security issues fixed: Oracle April 15 2025 CPU bsc1242208 CVE-2025-21587: unauthorized access, deletion and modification of critical data via the JSSE component bsc1241274. CVE-2025-30691:...

9.1CVSS6.7AI score0.00688EPSS
Exploits0References18
SUSE Linux
SUSE Linux
added 2025/05/31 12:59 a.m.2 views

Security update for sqlite3

This update for sqlite3 fixes the following issues: CVE-2025-29087,CVE-2025-3277: Fixed integer overflow in sqlite concat function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: Updated to version 3.49.1 from Factory...

8.5CVSS7.6AI score0.00609EPSS
Exploits0References14
SUSE Linux
SUSE Linux
added 2025/05/30 8:49 p.m.4 views

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

9.1CVSS7.1AI score0.00688EPSS
Exploits0References12
SUSE Linux
SUSE Linux
added 2025/05/30 5:15 p.m.3 views

Security update for bind

This update for bind fixes the following issues: Update to version 9.20.9. Security issues fixed: CVE-2025-40775: denial-of-service due to assertion failure caused by the processing of a NS message with an invalid TSIG bsc1243361. CVE-2024-12705: CPU and memory exhaustion due to DNS-over-HTTPS...

8.7CVSS7.9AI score0.16182EPSS
Exploits1References12
SUSE Linux
SUSE Linux
added 2025/05/30 4:12 p.m.2 views

Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.18: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Patch Instructions: To install this SUSE update use the SUSE recommended...

5.9CVSS7.1AI score0.00612EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/05/30 4:11 p.m.5 views

Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.13: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/15.13/ Patch Instructions: T...

5.9CVSS7.1AI score0.00612EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/05/30 4:10 p.m.3 views

Security update for glibc

This update for glibc fixes the following issues: Security issues fixed: CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LDLIBRARYPATH bsc1243317. Other issues fixed: Multi-threaded application hang...

9.4CVSS7.5AI score0.0039EPSS
Exploits1References6
SUSE Linux
SUSE Linux
added 2025/05/30 3:37 p.m.2 views

Security update for postgresql17

This update for postgresql17 fixes the following issues: Upgrade to 17.5: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/ Patch Instructions: To...

5.9CVSS7.1AI score0.00612EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/05/30 3:33 p.m.2 views

Security update for postgresql16

This update for postgresql16 fixes the following issues: Upgrade to 16.9: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/16.9/ Patch Instructions: To...

5.9CVSS7.1AI score0.00612EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/05/30 1:43 p.m.1 views

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-32364: integer overflow due to INTMIN negation in the PSStack::roll function of Function.cc leads to floating point exception crash in pdftotext bsc1240880. CVE-2025-32365: misplaced isOk check in the JBIG2Bitmap::combine function of...

5.1CVSS7.5AI score0.00218EPSS
Exploits2References8
SUSE Linux
SUSE Linux
added 2025/05/30 1:39 p.m.0 views

Security update for iputils

This update for iputils fixes the following issues: Security fixes: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300. Other bug fixes: Fixed incorrect IPV4 TTL value when using SOCKDGRAM on big endian systems bsc1243284. Patch Instructions: To...

6.5CVSS6.9AI score0.01344EPSS
Exploits1References6
SUSE Linux
SUSE Linux
added 2025/05/30 1:5 p.m.3 views

Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: Fixed GCC 15 compile time error bsc1241938 Fixed building with containerd 1.7.25+ bsc1237147 Full changelog:...

6.9CVSS7.3AI score0.00249EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2025/05/30 1:4 p.m.1 views

Security update for iputils

This update for iputils fixes the following issues: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.5CVSS7.6AI score0.01344EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2025/05/30 1:3 p.m.0 views

Security update for iputils

This update for iputils fixes the following issues: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.5CVSS6.8AI score0.01344EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2025/05/30 12:10 p.m.3 views

Security update for python312-setuptools

This update for python312-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

8.7CVSS7.6AI score0.01479EPSS
Exploits4References4
SUSE Linux
SUSE Linux
added 2025/05/30 10:44 a.m.2 views

Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.18: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Patch Instructions: To install this SUSE update use the SUSE recommended...

5.9CVSS7.2AI score0.00612EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/05/30 10:41 a.m.1 views

Security update for iputils

This update for iputils fixes the following issues: Security fixes: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300. Other bug fixes: Fixed incorrect IPV4 TTL value when using SOCKDGRAM on big endian systems bsc1243284. Patch Instructions: To...

6.5CVSS7.6AI score0.01344EPSS
Exploits1References6
Total number of security vulnerabilities5412