37249 matches found
OPENSUSE-SU-2026:11137-1 python311-jupyter-ydoc-3.5.0-1.1 on GA media
These are all security issues fixed in the python311-jupyter-ydoc-3.5.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11134-1 libslirp-devel-4.9.3+4-1.1 on GA media
These are all security issues fixed in the libslirp-devel-4.9.3+4-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11138-1 jupyter-jupyterlab-templates-0.5.3-2.1 on GA media
These are all security issues fixed in the jupyter-jupyterlab-templates-0.5.3-2.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11132-1 jackson-databind-2.18.8-2.1 on GA media
These are all security issues fixed in the jackson-databind-2.18.8-2.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11135-1 logback-1.5.36-1.1 on GA media
These are all security issues fixed in the logback-1.5.36-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:21066-1 Security update for python-python-multipart
This update for python-python-multipart fixes the following issues - CVE-2026-53537: multipart/form-data with extended parameters can lead to file or parameter smuggling bsc1268506. - CVE-2026-53538: urlencoded requests containing semicolons can lead to form field smuggling bsc1268496. -...
SUSE-SU-2026:22372-1 Security update for python-python-multipart
This update for python-python-multipart fixes the following issues - CVE-2026-53537: multipart/form-data with extended parameters can lead to file or parameter smuggling bsc1268506. - CVE-2026-53538: urlencoded requests containing semicolons can lead to form field smuggling bsc1268496. -...
CVE-2026-10804
A flaw was found in Streamlit, within its Palette Handler component. This vulnerability stems from the use of a weak hashing algorithm. A local attacker could exploit this flaw, though it requires a high level of technical complexity. Successful exploitation may lead to a low impact on the...
CVE-2026-9717
CWE-78 Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could allow unauthorized execution of commands with elevated privileges, impacting system integrity, confidentiality, and availability when a privileged authenticated user interacts wi...
EUVD-2026-39434
CWE-78 Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could allow unauthorized execution of commands with elevated privileges, impacting system integrity, confidentiality, and availability when a privileged authenticated user interacts wi...
EUVD-2026-39189
The Tourfic – AI Powered Travel Booking, Hotel Booking & Car Rental WordPress Plugin plugin for WordPress is vulnerable to generic SQL Injection via the 'postid' parameter in all versions up to, and including, 2.22.7 due to insufficient escaping on the user supplied parameter and lack of sufficie...
EUVD-2026-39180
shell-quote prior to 1.8.5 finalizes parsed tokens in parse using Array.prototype.concat as a reduce accumulator, which reallocates and copies the entire growing array on every iteration. As a result parse runs in On^2 time relative to the number of input tokens. An attacker who can supply an...
OPENSUSE-SU-2026:11117-1 giflib-devel-32bit-5.2.2-4.1 on GA media
These are all security issues fixed in the giflib-devel-32bit-5.2.2-4.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11125-1 tar-1.35-8.1 on GA media
These are all security issues fixed in the tar-1.35-8.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11118-1 jackson-databind-2.18.8-1.1 on GA media
These are all security issues fixed in the jackson-databind-2.18.8-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11121-1 corepack24-24.17.0-1.1 on GA media
These are all security issues fixed in the corepack24-24.17.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11116-1 dnsmasq-2.93-1.1 on GA media
These are all security issues fixed in the dnsmasq-2.93-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-12770
A flaw was found in BerriAI litellm. A remote attacker could exploit an improper authorization vulnerability within the Admin Key Handler component. This could allow the attacker to perform unauthorized actions, leading to limited impacts on data integrity and service availability...
CVE-2025-61025
A flaw was found in virtuoso-opensource. Attackers can exploit this vulnerability by sending specially crafted SQL statements, which can lead to a Denial of Service DoS. This issue impacts the availability of the affected system...
CVE-2026-56762 Hono - Missing Cookie Name Validation in setCookie()
Hono before 4.12.12 does not validate cookie names on the write path in the setCookie, serialize, and serializeSigned functions, allowing invalid characters such as control characters e.g. \r or \n when an application passes a user-controlled cookie name. This can produce malformed Set-Cookie...