PT-2026-20906

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a bug in download skill installation allowed targetDir values from skill frontmatter to resolve outside the per-skill tools directory if not strictly validated. In the admin-only skills.install flow, this could write files outside t...

Exposure of Information Through Directory Listing

Overview rack is a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a singl...

EUVD-2025-11213

Malicious code in bioql PyPI...

UBUNTU-CVE-2024-53147

In the Linux kernel, the following vulnerability has been resolved: exfat: fix out-of-bounds access of directory entries In the case of the directory size is greater than or equal to the cluster size, if startclu becomes an EOF clusteran invalid cluster due to file system corruption, then the...

CLSA-2023-1699381084 Fix of 5 CVEs

SECURITY UPDATE: reachable assertion failure in displaydebugnames - debian/patches/CVE-2022-35205.patch: replace assert with a warning message - CVE-2022-35205 SECURITY UPDATE: memory leak in stabdemanglev3arg - debian/patches/CVE-2022-47007.patch: free dt on failure path - CVE-2022-47007 SECURIT...

March 14, 2023—KB5023698 (OS Build 22000.1696)

March 14, 2023—KB5023698 OS Build 22000.1696 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 21H2, see its update history page.Note Follow @WindowsUpdate to find out...

gcc security and bug fix update

8.3.1-5.0.3 - Fix Orabug 29838827 - provide an option to adjust the maximum depth of nested include This is the same bug as gcc upstream PR90581 from Gcc9: gcc9-pr90581.patch - Fix Orabug 29541051 - confusing error message when there is a problem with ASANOPTIONS 'ERROR: expected '='' This is the...

SUSE-SU-2019:1521-1 Security update for dbus-1

This update for dbus-1 fixes the following issues: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUSCOOKIESHA1 which could have allowed local attackers to bypass authentication bsc1137832. - Fixes in spec file: fix warning and error messages. fix licensing directory...

SUSE-SU-2019:0805-1 Recommended update for adcli, sssd

This update for adcli and sssd provides the following improvement: Security vulnerability fixed: - CVE-2019-3811: Fix fallbackhomedir returning '/' for empty home directories bsc1121759 Other fixes: - Add an option to disable checking for trusted domains in the subdomains provider bsc1125617 -...

SUSE-SU-2018:0552-1 Security update for SUSE Manager Server 3.1

This update fixes the following issues: nutch: - Fix hadoop log dir. bsc1061574 osad, rhnlib: - Fix update mechanism when updating the updateservice bsc1073619 pxe-default-image: - Spectre and Meltdown mitigation. CVE-2017-5753, CVE-2017-5715, CVE-2017-5754, bsc1068032 spacecmd: - Support multipl...

SUSE-SU-2018:0285-1 Security update for SUSE Manager Server 3.0

This update fixes the following issues: !!!NOTE: For PostgreSQL, schema migrations could take a long time hours, depending on the number of synced !!! !!!packages and number of rows which requires cleanup. Please refer to the release notes for more information.!!! nutch: - Fix log hadoop into...

openSUSE Security Update : MozillaFirefox (openSUSE-2017-1279)

MozillaFirefox was updated to 52.5.0esr boo1068101 MFSA 2017-25 - CVE-2017-7828: Fixed a use-after-free of PressShell while restyling layout - CVE-2017-7830: Cross-origin URL information leak through Resource Timing API - CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5...

dovecot security and bug fix update

1.0.7-7 - permissions of deliver and dovecot.conf from 1.0.7-5 reverted - password can be stored in different file readable only for root now - Resolves: 436287, CVE-2008-4870 1.0.7-6 - added missing directory in file list - Resolves: 436287 1.0.7-5 - change permissions of deliver and dovecot.con...

Security fix for the ALT Linux 6 package eggdrop version 1.6.18-alt2

Sept. 20, 2007 Vladimir V Kamarzin 1.6.18-alt2 - Security fix: CVE-2007-2807: Stack-based buffer overflow in mod/server.mod/servrmsg.c - Recode README.ALT to utf8 and update it - Create pseudouser on %pre stage - Install config to /var/lib/eggdrop - Load module blowfish by default - Change defaul...