24 matches found
CLSA-2026-1779582830 vim: Fix of CVE-2026-46483
CVE-2026-46483: fix command injection in tar plugin Vimuntar when decompressing .tgz archives by passing the special flag to shellescape upstream vim 9.2.0479...
CLSA-2026-1777943581 vim: Fix of 2 CVEs
CVE-2026-35177: fix path traversal bypass in zip.vim by using simplify to detect attacks that circumvent the previous regex-only check - CVE-2026-39881: fix command injection in netbeans interface via unsanitized defineAnnoType and specialKeys parameters...
OPENSUSE-SU-2026:20653-1 Security update for radare2
This update for radare2 fixes the following issues: Changes in radare2: - Update to version 6.1.4 bsc1262142, CVE-2026-40499: Analysis: improve autoname scoring, jmptbl detection, and performance Add callargs modifier, rnum expressions, and typed function context Refactor autoname into plugin;...
Security update for rust-keylime
This update for rust-keylime fixes the following issues: Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344. CVE-2024-12224...
CVE-2024-42360 Command Injection in sequenceserver
SequenceServer lets you rapidly set up a BLAST+ server with an intuitive user interface for personal or group use. Several HTTP endpoints did not properly sanitize user input and/or query parameters. This could be exploited to inject and run unwanted shell commands. This vulnerability has been...
SUSE-SU-2024:0604-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2023-51385: Fixed a command injection via user name or host name metacharacters bsc1218215. - Remember the state of sshd service during update / removal, to allow cut-over to a different openssh package. bsc1220110...
SUSE-SU-2024:0539-1 Security update for libssh
This update for libssh fixes the following issues: Update to version 0.9.8 jscPED-7719: Fix CVE-2023-6004: Command injection using proxycommand bsc1218209 Fix CVE-2023-48795: Potential downgrade attack using strict kex bsc1218126 Fix CVE-2023-6918: Missing checks for return values of MD functions...
SUSE-SU-2024:0140-1 Security update for libssh
This update for libssh fixes the following issues: Security fixes: - CVE-2023-6004: Fixed command injection using proxycommand bsc1218209 - CVE-2023-48795: Fixed potential downgrade attack using strict kex bsc1218126 - CVE-2023-6918: Fixed missing checks for return values of MD functions bsc12181...
SUSE-SU-2022:2763-1 Security update for sssd
This update for sssd fixes the following issues: - CVE-2021-3621: Fixed shell command injection in sssctl via the logs-fetch and cache-expire subcommand bsc1189492. - Add 'ldapignoreunreadablereferences' parameter to skip unreadable objects referenced by 'member' attributte bsc1190775 - Fix 32-bi...
SUSE-SU-2022:2351-1 Security update for python3
This update for python3 fixes the following issues: Security issues fixed: - CVE-2021-3572: Update bundled pip wheel to the latest SLE version bsc1186819 - CVE-2015-20107: avoid command injection in the mailcap module bsc1198511. Other bugs fixed: - Remove shebangs from from python-base libraries...
SUSE-SU-2022:2291-1 Security update for python310
This update for python310 fixes the following issues: - CVE-2015-20107: avoid command injection in the mailcap module bsc1198511. - Update to 3.10.5: - Core and Builtins - gh-93418: Fixed an assert where an f-string has an equal sign '=' following an expression, but there's no trailing brace. For...
SUSE-SU-2022:2251-1 Security update for openssl-1_1
This update for openssl-11 fixes the following issues: - CVE-2022-1292: Fixed command injection in crehash bsc1199166. - CVE-2022-2068: Fixed more shell code injection issues in crehash. bsc1200550...
SUSE-SU-2022:2075-1 Security update for openssl-1_1
This update for openssl-11 fixes the following issues: - CVE-2022-1292: Fixed command injection in crehash bsc1199166...
openSUSE: Security Advisory for git (SUSE-SU-2022:1484-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2021:1289-1 Security update for php-composer
This update for php-composer fixes the following issues: - Require php-mbstring as requested in boo1187416 - Version 1.10.22 Security: Fixed command injection vulnerability in HgDriver/HgDownloader and hardened other VCS drivers and downloaders GHSA-h5h8-pc6h-jvvx / CVE-2021-29472, boo1185376 -...
OPENSUSE-SU-2021:1273-1 Security update for ghostscript
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection bsc1190381 Also a hardening fix was added: - Link as position independent executable bsc1184123 This update was imported from the SUSE:SLE-15:Update upda...
OPENSUSE-SU-2021:3044-1 Security update for ghostscript
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection bsc1190381 Also a hardening fix was added: - Link as position independent executable bsc1184123...
SUSE-SU-2021:2941-1 Security update for sssd
This update for sssd fixes the following issues: - CVE-2021-3621: Fixed shell command injection in sssctl via the logs-fetch and cache-expire subcommands bsc1189492. - Add LDAPS support for the AD provider bsc1183735. - Improve logs to record the reason why internal watchdog terminates a process...
OPENSUSE-SU-2021:1951-1 Security update for salt
This update for salt fixes the following issues: - Check if dpkgnotify is executable bsc1186674 - Update to Salt release version 3002.2 jscECO-3212, jscSLE-18033, jscSLE-18028 - Drop support for Python2. Obsoletes python2-salt package jscSLE-18028 - Fix issue parsing errors in ansiblegate state...
Security update for salt (critical)
openSUSE Security Update: Security update for salt Announcement ID: openSUSE-SU-2021:2106-1 Rating: critical References: 1171257 1176293 1179831 1181368 1182281 1182293 1182382 1185092 1185281 1186674 ECO-3212 SLE-18028 SLE-18033 Cross-References: CVE-2018-15750 CVE-2018-15751 CVE-2020-11651...