SUSE-SU-2026:0859-1 Security update for python-aiohttp

This update for python-aiohttp fixes the following issues: - CVE-2025-69228: Fixed denial of service through large payloads bsc1256022. - CVE-2025-69226: Fixed brute-force leak of internal static file path components bsc1256020. - CVE-2025-69224: Fixed unicode processing of header values could...

MiracleLinux 4 : rh-postgresql94-postgresql-9.4.6-1.AXS4 (AXSA:2016-124:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-124:01 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to acce...

MiracleLinux 7 : rh-postgresql94-postgresql-9.4.6-1.el7 (AXSA:2016-122:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-122:01 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to acce...

AIOHTTP has unicode match groups in regexes for ASCII protocol elements

Summary The parser allows non-ASCII decimals to be present in the Range header. Impact There is no known impact, but there is the possibility that there's a method to exploit a request smuggling vulnerability. ---- Patch:...

GHSA-MQQC-3GQH-H2X8 AIOHTTP has unicode match groups in regexes for ASCII protocol elements

Summary The parser allows non-ASCII decimals to be present in the Range header. Impact There is no known impact, but there is the possibility that there's a method to exploit a request smuggling vulnerability. ---- Patch:...

SUSE CVE-2007-5116

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine regcomp.c in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode UTF characters in a regular expression...

The vulnerabilities of Debian GNU/Linux and Ubuntu operating systems, as well as PostgreSQL database management systems, allow attackers to trigger service interruptions.

The vulnerability of Debian GNU/Linux and Ubuntu operating systems, as well as PostgreSQL database management systems, stems from buffer overflows. Exploiting this vulnerability allows an attacker to cause a service failure—such as an infinite loop or a buffer overflow and unexpected system...

DEBIAN-CVE-2014-7923

The Regular Expressions package in International Components for Unicode ICU 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via vectors related to a...