dpkg-1.22.22-1.1 on GA media (moderate)

dpkg-1.22.22-1.1 on GA media Announcement ID: openSUSE-SU-2026:10675-1 Rating: moderate Cross-References: CVE-2026-2219 CVSS scores: CVE-2026-2219 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-2219 SUSE : 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...

SUSE-SU-2026:20766-1 Security update for dpkg

This update for dpkg fixes the following issue: - CVE-2026-2219: dpkg-deb: malformed .deb archives can cause a denial of service bsc1259385...

CVE-2026-2219

creationtimestamp| type| source ---|---|--- 2026-03-07 08:16:07+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-2219 2026-03-07 09:24:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mghixi6wkw2o 2026-03-19 00:00:00+00:00| seen|...

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

RHEL 9 : golang (RHSA-2026:2219)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2219 advisory. The golang packages provide the Go programming language compiler. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2025-2219)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-2219

Unspecified vulnerability in Adobe Flash Media Server FMS before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service memory consumption via unknown vectors...

CVE-2011-2219

Unspecified vulnerability in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service daemon crash via unknown vectors, a different vulnerability than CVE-2011-2218...

CVE-2025-2219

creationtimestamp| type| source ---|---|--- 2025-03-12 02:30:35+00:00| published-proof-of-concept| Telegram/drpFO7tq2dW1R-FksJK1cxslv0lHXR40xyYBKS5M064ntb8...

CVE-2025-2219

A vulnerability was found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. This issue affects some unknown processing of the file /api/upload/image. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

CVE-2025-2219

A vulnerability was found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. This issue affects some unknown processing of the file /api/upload/image. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

CVE-2025-2219 LoveCards LoveCardsV2 image unrestricted upload

A vulnerability was found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. This issue affects some unknown processing of the file /api/upload/image. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

CVE-2025-2219

CVE-2025-2219 affects LoveCards LoveCardsV2 up to 2.3.2. The issue arises from how the parameter file in /api/upload/image is processed, allowing unrestricted image uploads. It is exploitable remotely over the network (no authentication required) and, per the descriptions, the exploit has been di...

CVE-2019-2219

creationtimestamp| type| source ---|---|--- 2024-03-09 07:07:19+00:00| seen| https://t.me/ctinow/203783...

SUSE: Security Advisory (SUSE-SU-2023:2219-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-2219

SourceCodester Task Reminder System v1.0 contains a cross-site scripting (XSS) vulnerability in the /classes/Users.php file, triggered by manipulating the id parameter. The issue is remote in nature and has been publicly disclosed. Practical guidance across connected sources recommends disabling ...

CVE-2022-2219

creationtimestamp| type| source ---|---|--- 2022-07-25 16:33:06+00:00| seen| https://t.me/cibsecurity/46897...

CVE-2022-2219

The CVE-2022-2219 entry concerns the Unyson WordPress plugin, specifically versions before 2.7.27. The vulnerability arises from not sanitising and escaping input (QUERY_STRING) before echoing it back on an admin page, causing a Reflected Cross-Site Scripting (XSS). Affected component: Unyson plu...

CVE-2022-2219 Unyson < 2.7.27 - Reflected Cross-Site Scripting

The Unyson WordPress plugin before 2.7.27 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...

Mageia: Security Advisory (MGASA-2013-0263)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...