openSUSE 15 Security Update : valkey (SUSE-SU-2026:0685-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0685-1 advisory. Update to version 8.0.7. Security issues fixed: - CVE-2025-67733: data tampering and denial of service via improper null character handling in Lua...

SUSE CVE-2025-67733

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...

CVE-2026-2252

An XML External Entity XXE vulnerability allows malicious user to perform Server-Side Request Forgery SSRF via crafted XML input containing malicious external entity references. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core...

EUVD-2026-9014

Improper limitation of a pathname to a restricted directory Path Traversal vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 vi...

CVE-2026-2252

An XML External Entity XXE vulnerability allows malicious user to perform Server-Side Request Forgery SSRF via crafted XML input containing malicious external entity references. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core...

CVE-2026-2252 XML External Entity (XXE) vulnerability resulting in Server-Side Request Forgery (SSRF)

An XML External Entity XXE vulnerability allows malicious user to perform Server-Side Request Forgery SSRF via crafted XML input containing malicious external entity references. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core...

CVE-2026-2251 Path Traversal leading to Remote Code Execution (RCE)

Improper limitation of a pathname to a restricted directory Path Traversal vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 vi...

CVE-2026-2251

Improper limitation of a pathname to a restricted directory Path Traversal vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 vi...

CVE-2026-21863 affecting package valkey for versions less than 8.0.7-1

CVE-2026-21863 affecting package valkey for versions less than 8.0.7-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-67733 affecting package valkey for versions less than 8.0.7-1

CVE-2025-67733 affecting package valkey for versions less than 8.0.7-1. An upgraded version of the package is available that resolves this issue...

PT-2026-22314

Name of the Vulnerable Software and Affected Versions Xerox FreeFlow Core versions prior to 8.1.0 Description The software contains a path traversal issue due to improper limitation of a pathname to a restricted directory. This allows unauthorized path traversal, potentially leading to remote cod...

PT-2026-22315

Name of the Vulnerable Software and Affected Versions Xerox FreeFlow Core versions up to and including 8.0.7 Description An XML External Entity XXE issue allows a malicious user to perform Server-Side Request Forgery SSRF by submitting specially crafted XML input that includes malicious external...

Xerox FreeFlow Core 安全漏洞

Xerox FreeFlow Core is a flexible and easy-to-use software product developed by Xerox Corporation. Versions of Xerox FreeFlow Core 8.0.7 and earlier contain security vulnerabilities. These vulnerabilities stem from improper path name restrictions, which can lead to unauthorized path traversal and...

valkey security update

8.0.7-1 - Rebase to 8.0.7 for CVE-2026-21863 CVE-2025-67733...

PT-2026-21544

Name of the Vulnerable Software and Affected Versions Valkey versions prior to 9.0.2 Valkey versions prior to 8.1.6 Valkey versions prior to 8.0.7 Valkey versions prior to 7.2.12 Description Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious...

RHSA-2025:3990 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.7 security update

Bulletin has no description...

EUVD-2020-29061

Malware in sbrugna...

EUVD-2015-1527

Malware in sbrugna...

UBUNTU-CVE-2025-6713

An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB...

CVE-2022-46862

Cross-Site Request Forgery CSRF vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin = 8.0.7 versions...