Security update for zypper-docker

This update for zypper-docker fixes the following issues CVE-2026-2808: github.com/hashicorp/consul: unvalidated user-supplied file paths can lead to arbitrary file reads through the Vault Kubernetes authentication provider bsc1259563. CVE-2026-33186: google.golang.org/grpc: authorization bypass...

Linux Distros Unpatched Vulnerability : CVE-2026-2808

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10 and 1.22.4 are vulnerable to arbitrary file read when configured with Kubernetes authentication. Th...

CVE-2026-2808

creationtimestamp| type| source ---|---|--- 2026-03-11 23:16:11+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-2808...

CVE-2026-2808 Consul vulnerable to arbitrary file reads through the vault kubernetes authentication provider

HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10 and 1.22.4 are vulnerable to arbitrary file read when configured with Kubernetes authentication. This vulnerability, CVE-2026-2808, is fixed in Consul 1.18.21, 1.21.11 and 1.22.5...

PT-2026-24892

Name of the Vulnerable Software and Affected Versions HashiCorp Consul versions 1.18.20 through 1.21.10 HashiCorp Consul version 1.22.4 HashiCorp Consul Enterprise versions 1.18.20 through 1.21.10 HashiCorp Consul Enterprise version 1.22.4 Description HashiCorp Consul and Consul Enterprise are...

Linux Distros Unpatched Vulnerability : CVE-2017-2808

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a...

CVE-2023-2808

Mattermost fails to normalize UTF confusable characters when determining if a preview should be generated for a hyperlink, allowing an attacker to trigger link preview on a disallowed domain using a specially crafted link...

CVE-2013-2808

Heap-based buffer overflow in Xper in Philips Xper Information Management Physiomonitoring 5 components, Xper Information Management Vascular Monitoring 5 components, and Xper Information Management servers and workstations for Flex Cardio products before XperConnect 1.5.4.053 SP2 allows remote...

CVE-2005-2808

frox 0.7.16 and 0.7.17 does not properly parse certain Deny ACLs, which might allow attackers to bypass intended restrictions and access blocked hosts...

CVE-2025-2808

creationtimestamp| type| source ---|---|--- 2025-04-08 13:59:43+00:00| seen| https://t.me/cvedetector/22436...

CVE-2025-2808 Motors – Car Dealership & Classified Listings Plugin <= 1.4.63 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Phone Number parameter in all versions up to, and including, 1.4.63 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...

CVE-2025-2808 Motors – Car Dealership & Classified Listings Plugin <= 1.4.63 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Phone Number parameter in all versions up to, and including, 1.4.63 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...

Linux Distros Unpatched Vulnerability : CVE-2015-2808

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes...

openSUSE Security Advisory (SUSE-SU-2024:2808-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-2808

Vulnerability in the Oracle E-Business Intelligence product of Oracle E-Business Suite component: DBI Setups. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle E-Business...

Security Bulletin: RC4 Bar Mitzvah Attack for SSL/TLS (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to...

RHEL 5 : kernel (RHSA-2019:2808)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2808 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Kernel: page cache side channel attacks...

CVE-2024-2808

CVE-2024-2808 affects Tenda AC15 (versions 15.03.05.18 through 15.03.20_multi). The flaw is in function formQuickIndex of /goform/QuickIndex, where manipulating the PPPOEPassword argument triggers a stack-based buffer overflow. Impact includes potential unauthorized remote code execution with eff...

Mattermost Server 5.34.x < 7.1.9 / 7.2.x < 7.8.4 / 7.9.x < 7.9.3 / 7.10.0 (MMSA-2023-00159)

The version of Mattermost Server installed on the remote host is prior to 7.1.9, 7.8.4, or 7.9.3 / 7.10.0. It is, therefore, affected by a vulnerability as referenced in the MMSA-2023-00159 advisory. - Mattermost fails to normalize UTF confusable characters when determining if a preview should be...

CVE-2011-2808

creationtimestamp| type| source ---|---|--- 2024-02-05 09:11:26+00:00| seen| https://t.me/ctinow/179055...