openSUSE 16 Security Update : python-pip (openSUSE-SU-2026:20202-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20202-1 advisory. - CVE-2026-1703: files may be extracted outside the installation directory when installing and extracting maliciously crafted wheel archives bsc1257599...

Security update for python-pip (low)

openSUSE security update: security update for python-pip ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20202-1 Rating: low References: bsc1257599 Cross-References: CVE-2026-1703 CVSS scores: CVE-2026-1703 SUSE : 3.1...

SUSE SLES15 / openSUSE 15 Security Update : python-wheel (SUSE-SU-2026:0460-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0460-1 advisory. - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Tenable has...

SUSE: Security Advisory (SUSE-SU-2026:0424-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2026:0424-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-14541

The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.22 via the conditionaltags parameter. This is due to the plugin using PHP's eval function on user-controlled input without proper validation or sanitization. This makes i...

SUSE SLED15 / SLES15 Security Update : python313-wheel (SUSE-SU-2026:0425-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0425-1 advisory. - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Tenable h...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-wheel (SUSE-SU-2026:0424-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0424-1 advisory. - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification...

Security update for python-wheel

This update for python-wheel fixes the following issues: CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

SUSE-SU-2026:0460-1 Security update for python-wheel

This update for python-wheel fixes the following issues: - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100...

SUSE-SU-2026:20423-1 Security update for python-pip

This update for python-pip fixes the following issues: - CVE-2026-1703: files may be extracted outside the installation directory when installing and extracting maliciously crafted wheel archives bsc1257599...

OPENSUSE-SU-2026:20202-1 Security update for python-pip

This update for python-pip fixes the following issues: - CVE-2026-1703: files may be extracted outside the installation directory when installing and extracting maliciously crafted wheel archives bsc1257599...

Security update for python313-wheel

This update for python313-wheel fixes the following issues: CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

SUSE-SU-2026:0425-1 Security update for python313-wheel

This update for python313-wheel fixes the following issues: - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100...

Security update for python-wheel

This update for python-wheel fixes the following issues: CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

SUSE-SU-2026:0424-1 Security update for python-wheel

This update for python-wheel fixes the following issues: - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100...

CVE-2025-14541 Lucky Wheel Giveaway <= 1.0.22 - Authenticated (Administrator+) Remote Code Execution via 'conditional_tags' Parameter

The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.22 via the conditionaltags parameter. This is due to the plugin using PHP's eval function on user-controlled input without proper validation or sanitization. This makes i...

CVE-2025-14541 Lucky Wheel Giveaway <= 1.0.22 - Authenticated (Administrator+) Remote Code Execution via 'conditional_tags' Parameter

The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.22 via the conditionaltags parameter. This is due to the plugin using PHP's eval function on user-controlled input without proper validation or sanitization. This makes i...

CVE-2025-14541

The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.22 via the conditionaltags parameter. This is due to the plugin using PHP's eval function on user-controlled input without proper validation or sanitization. This makes i...

CVE-2025-14541

CVE-2025-14541 refers to the WordPress plugin “Lucky Wheel Giveaway” (versions up to and including 1.0.22) with a Remote Code Execution vulnerability. The root cause is PHP eval() being applied to user-controlled input via the conditional_tags parameter, allowing an authenticated attacker with Ad...