CVE-2026-32009

OpenClaw versions prior to 2026.2.24 contain a policy bypass vulnerability in the safeBins allowlist evaluation that trusts static default directories including writable package-manager paths like /opt/homebrew/bin and /usr/local/bin. An attacker with write access to these trusted directories can...

openSUSE Security Advisory (SUSE-SU-2024:3200-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:3200-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 Other fixes: - %profileopt variable is set according to the variable %doprofiling bsc1227999 - Stop using %%defattr, it seems to be breaking proper executable...

openSUSE Security Advisory (SUSE-SU-2024:2974-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : python311 (SUSE-SU-2024:2982-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2982-1 advisory. Security issues fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 -...

SUSE: Security Advisory (SUSE-SU-2024:2974-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : python310 (SUSE-SU-2024:2974-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2974-1 advisory. Security issue fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 Non-security issues...

SUSE-SU-2024:2982-1 Security update for python311

This update for python311 fixes the following issues: Security issues fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 - CVE-2024-5642: Removed support for anything but OpenSSL 1.1.1 or newer bsc1227233 - CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private...

libXpm security update

3.5.12-9 - Fix CVE-2022-46285: infinite loop on unclosed comments 2161800 - Fix CVE-2022-44617: runaway loop with width of 0 2161808 - Fix CVE-2022-4883: compression depends on /usr/local/bin:/usr/bin 2160238...

CVE-2021-46547

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x2c17e. This vulnerability can lead to a Denial of Service DoS...

CVE-2021-46535

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0xe533e. This vulnerability can lead to a Denial of Service DoS...

CVE-2021-46535

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0xe533e. This vulnerability can lead to a Denial of Service DoS...

Code injection

Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x2c17e. This vulnerability can lead to a Denial of Service DoS...

Default credentials

A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The file in question is /usr/local/ipsca/mipsca.db. If a camera is compromised, the attacker can gain access to passwords and abuse them to compromise further systems...

CVE-2007-1369

inimodifier sgid-zendtech in Zend Platform 2.2.3 and earlier allows local users to modify the system php.ini file by editing a copy of php.ini file using the -f parameter, and then performing a symlink attack using the directory that contains the attacker-controlled php.ini file, and linking this...