
7 matches found

Tenable Nessus
added 2026/05/19 12:0 a.m. · 5 views

SUSE SLES15 Security Update : zypper-docker (SUSE-SU-2026:1951-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1951-1 advisory. This update for zypper-docker fixes the following issues - CVE-2026-2808: github.com/hashicorp/consul: unvalidated user-supplied fi...

CVSS 9.1 · AI score 6.8 · EPSS 0.00034
Exploits: 1 · References: 7

ATTACKERKB
added 2026/03/31 5:39 p.m. · 0 views

CVE-2026-32273

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, updating a category description via API is not sanitizing the description string, which can lead to XSS attacks. This issu...

CVSS 5.4 · AI score 5.8 · EPSS 0.00045
Exploits: 0 · References: 3 · Affected Software: 1

RedhatCVE
added 2025/12/16 12:25 a.m. · 1 views

CVE-2025-55703

An error-based SQL injection vulnerability exists in the Sunbird Power IQ 9.2.0 API. The vulnerability is due to an outdated API endpoint that applied arrays without proper input validation. This can allow attackers to manipulate SQL queries. This has been addressed in Power IQ version 9.2.1, whe...

CVSS 3.3 · AI score 8.2 · EPSS 0.00012
Exploits: 0 · References: 1

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2021-1993

Malware in sbrugna...

CVSS 4.9 · AI score 4.9 · EPSS 0.00308
Exploits: 0 · References: 5

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2014-8764

Malware in sbrugna...

CVSS 7.5 · AI score 7.5 · EPSS 0.00334
Exploits: 1 · References: 2

Snyk
added 2025/08/27 6:31 p.m. · 1 views

SQL Injection

Overview: Affected versions of this package are vulnerable to SQL Injection via the /sys-api/role/update interface. An attacker can access sensitive data or disrupt normal system operations by sending specially crafted requests. Remediation: Upgrade...

CVSS 8.3 · AI score 7.9 · EPSS 0.00064
Exploits: 1 · References: 2

Positive Technologies
added 2025/03/05 12:0 a.m. · 3 views

PT-2025-9860 · Jenkins +1 · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.499 and earlier, LTS versions 2.492.1 and earlier Description: The issue allows attackers with View/Read permission to view encrypted values of secrets when accessing config.xml of views via REST API or CLI. This occurs...

CVSS 4.3 · AI score 4.7 · EPSS 0.00751
Exploits: 0 · References: 17