Security update for zypper-docker

This update for zypper-docker fixes the following issues CVE-2026-2808: github.com/hashicorp/consul: unvalidated user-supplied file paths can lead to arbitrary file reads through the Vault Kubernetes authentication provider bsc1259563. CVE-2026-33186: google.golang.org/grpc: authorization bypass...

CVE-2026-41228

Froxlor prior to 2.3.6 is vulnerable to Local File Inclusion via the API parameter def_language used by Customers.update/Admins.update. An authenticated user can set def_language to a path traversal payload, which is stored and later used to require a file, resulting in arbitrary PHP code executi...

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2025:8609)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8609 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...

Shopware allows Denial Of Service via password length

Impact It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. Patches Update to Shopware 6.6.10.3 or 6.5.8.17 Workarounds For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of...

Qualys Cloud Platform 2.44 New Features

This release of the Qualys Cloud Platform version 2.44 includes updates and new features for Cloud Agent and Web Application Scanning, highlights as follows. Cloud Agent User Interface "License Overview" changing to "Activation Overview" on Dashboard – The references to License have been changed ...

Qualys Cloud Platform 2.38 New Features

This release of the Qualys Cloud Platform version 2.38 includes updates and new features for AssetView, Web Application Firewall, and Web Application Scanning, highlights as follows. AssetView Azure Instance State search token and Dynamic Tag Support – A new search token "azure.vm.state" is added...

openSUSE Security Update : GraphicsMagick (openSUSE-2019-397)

GraphicsMagick was updated to 1.3.29 : - Security Fixes : - GraphicsMagick is now participating in Google's oss-fuzz project - JNG: Require that the embedded JPEG image have the same dimensions as the JNG image as provided by JHDR. Avoids a heap write overflow. - MNG: Arbitrarily limit the number...

Qualys Cloud Platform 2.37 New Features

This release of the Qualys Cloud Platform version 2.37 includes updates and new features for Security Assessment Questionnaire and Web Application Scanning, highlights as follows. Security Assessment Questionnaire Manager access to all active campaigns – Questionnaire Manager role now has access ...

Qualys Cloud Platform 2.34.1 New Features

This release of the Qualys Cloud Platform version 2.34.1 includes updates and new features for Cloud Agent & AWS EC2 Connector, AssetView, CloudView, and Security Assessment Questionnaire, highlights as follows. Cloud Agent & AWS EC2 Connector Automatic Merge of Cloud Agents running in Amazon Web...

openSUSE Security Update : GraphicsMagick (openSUSE-2018-518)

GraphicsMagick was updated to 1.3.29 : - Security Fixes : - GraphicsMagick is now participating in Google's oss-fuzz project - JNG: Require that the embedded JPEG image have the same dimensions as the JNG image as provided by JHDR. Avoids a heap write overflow. - MNG: Arbitrarily limit the number...

Recommended update for GraphicsMagick (moderate)

GraphicsMagick was updated to 1.3.29: Security Fixes: - GraphicsMagick is now participating in Google's oss-fuzz project - JNG: Require that the embedded JPEG image have the same dimensions as the JNG image as provided by JHDR. Avoids a heap write overflow. - MNG: Arbitrarily limit the number of...

Qualys Cloud Platform 2.30 New Features

This release of the Qualys Cloud Platform version 2.30 includes updates and new features for Cloud Agent, EC2 Connector, Web Application Scanning, Web Application Firewall, and Security Assessment Questionnaire, highlights as follows. This posting has been updated on 9/6/2017 and 10/25/2017 to...

Qualys Cloud Platform 2.28 New Features

This release of the Qualys Cloud Platform version 2.28 includes updates and new features for Cloud Agent, AssetView, ThreatPROTECT, Security Assessment Questionnaire and Web Application Scanning, highlights as follows: Cloud Agent Cloud Agent AIX Beta – beta release of Qualys Cloud Agent supporti...

Fedora 24 : roundcubemail-1.1.5-1.fc24 (2016-aff691237e)

Release 1.1.5 Plugin API: Added html2text hook Plugin API: Added addressbookexport hook Fix missing emoticons on html-to-text conversion Fix random 'access to this resource is secured against CSRF' message at logout 4956 Fix missing language name in 'Add to Dictionary' request in HTML mode 4951...

libvirt security and bug fix update

0.10.2-18.0.1.el64.14 - Replace docs/et.png in tarball with blank image 0.10.2-18.el64.14 - spec: Update requirements to pick up rebuilt polkit CVE-2013-4311 0.10.2-18.el64.13 - spec: Fix messed up dependency on polkit CVE-2013-4311 0.10.2-18.el64.12 - Introduce APIs for splitting/joining strings...