OPENSUSE-SU-2026:10933-1 hauler-1.4.3-5.1 on GA media

These are all security issues fixed in the hauler-1.4.3-5.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-45965

These are all security issues fixed in the hauler-1.4.3-5.1 package on the GA media of openSUSE Tumbleweed...

OESA-2026-2486 vorbis-tools security update

Ogg Vorbis is a fully open, non-proprietary, patent-and-royalty-free, general-purpose compressed audio format for mid to high quality 8kHz-48.0kHz, 16+ bit, polyphonic audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. This places Vorbis in the same competitive class as...

OPENSUSE-SU-2026:10904-1 vorbis-tools-1.4.3-2.1 on GA media

These are all security issues fixed in the vorbis-tools-1.4.3-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10875-1 hauler-1.4.3-4.1 on GA media

These are all security issues fixed in the hauler-1.4.3-4.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10843-1 hauler-1.4.3-3.1 on GA media

These are all security issues fixed in the hauler-1.4.3-3.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-47114

IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv-prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via a browser that pass...

GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal organizations for sale on a cybercrime forum. "While we currently have no evidence of impact to customer...

OPENSUSE-SU-2026:10822-1 hauler-1.4.3-2.1 on GA media

These are all security issues fixed in the hauler-1.4.3-2.1 package on the GA media of openSUSE Tumbleweed...

UBUNTU-CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

vorbis-tools 安全漏洞

Vorbis-tools is an open-source command-line tool developed by the Xiph.Org Foundation for creating and playing Ogg Vorbis files. Version 1.4.3 of vorbis-tools contains a security vulnerability. This vulnerability stems from the remotethread function in the ogg123 tool, which experiences a stack...

openSUSE 16 Security Update : hauler (openSUSE-SU-2026:20711-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20711-1 advisory. Changes in hauler: - update to 1.4.3 bsc1262353, CVE-2026-39984, bsc1262942, CVE-2026-34986: 1.4 Bump go.opentelemetry.io/otel/sdk from 1.40.0 t...

OPENSUSE-SU-2026:20711-1 Security update for hauler

This update for hauler fixes the following issues: Changes in hauler: - update to 1.4.3 bsc1262353, CVE-2026-39984, bsc1262942, CVE-2026-34986: 1.4 Bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0 in the gomodules group across 1 directory 1.4 Bump github.com/sigstore/timestamp-authority/v2...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization due to the absence of authentication and authorization checks in the UPI management interface. An attacker can gain unauthorized access to read, modify, or delete UP-node and link topology data by sending...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization through the DeleteUpNodeLink process. An attacker can cause the application to crash and alter the in-memory user-plane topology by sending unauthenticated DELETE requests to the affected endpoint. Remediation...

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions through improper handling of missing user identifiers in the RemoveAmfSubscriptionsInfoProcedure process. An attacker can cause the application to panic and return a 500 Internal Serv...

PT-2026-38519

These are all security issues fixed in the hauler-1.4.3-1.1 package on the GA media of openSUSE Tumbleweed...

Astra Linux - уязвимость в ruby-rails-html-sanitizer

Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3 ImpactA possible XS...

CVE-2026-41503

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending an RP...