USN-8362-1 xz-utils vulnerability

It was discovered that XZ Utils did not properly manage memory when attempting to append data to a decoded index that contained no records. An attacker could possibly use this issue to cause XZ Utils to crash, resulting in a denial of service, or execute arbitrary code...

Security update for xz

This update for xz fixes the following issue CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...

SUSE-SU-2026:2118-1 Security update for xz

This update for xz fixes the following issue - CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280...

openSUSE 16 Security Update : xz (openSUSE-SU-2026:20813-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20813-1 advisory. This update for xz fixes the following issue - CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280. Tenable has extracted the preceding...

CVE-2026-7797

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'appendwheresql' parameter in all versions up to, and including, 1.6.11.8 due to insufficient escaping on the user supplied parameter and lac...

CVE-2026-7797

The CVE covers the WordPress plugin Appointment Booking Calendar – Simply Schedule Appointments . The vulnerability exists in versions up to

CVE-2026-7797 Appointment Booking Calendar <= 1.6.11.8 - Unauthenticated SQL Injection via 'append_where_sql' Parameter

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'appendwheresql' parameter in all versions up to, and including, 1.6.11.8 due to insufficient escaping on the user supplied parameter and lac...

CVE-2026-7797 Appointment Booking Calendar <= 1.6.11.8 - Unauthenticated SQL Injection via 'append_where_sql' Parameter

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'appendwheresql' parameter in all versions up to, and including, 1.6.11.8 due to insufficient escaping on the user supplied parameter and lac...

CVE-2026-45089

Dalfox AOSS (CVE-2026-45089) allows unauthenticated arbitrary file creation/append when running in REST server mode. Before v2.13.0, the API accepts attacker-controlled OutputFile, OutputAll, and Debug in model.Options; the logger writes to the attacker-specified path via os.OpenFile with O_APPEN...

SUSE SLES12 Security Update : xz (SUSE-SU-2026:2052-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2052-1 advisory. This update for xz fixes the following issue - CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280. Tenable has extracted the preceding...

CVE-2026-45991

udf: fix partition descriptor append bookkeeping...

SUSE-SU-2026:21835-1 Security update for xz

This update for xz fixes the following issue - CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280...

SUSE-SU-2026:21848-1 Security update for xz

This update for xz fixes the following issue - CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280...

OPENSUSE-SU-2026:20813-1 Security update for xz

This update for xz fixes the following issue - CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280...

SUSE SLED15 / SLES15 Security Update : xz (SUSE-SU-2026:2051-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2051-1 advisory. This update for xz fixes the following issue - CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280. Tenable h...

ROS-20260526-73-0007

A vulnerability in the lzmaindexappend function of the XZ Utils data compression package is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

Security update for xz

This update for xz fixes the following issue CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...

SUSE-SU-2026:2052-1 Security update for xz

This update for xz fixes the following issue - CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280...

Security update for xz

This update for xz fixes the following issue CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...

SUSE-SU-2026:2051-1 Security update for xz

This update for xz fixes the following issue - CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280...