OPENSUSE-SU-2026:20745-1 Security update for php8

This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. - CVE-2026-6104: out-of-bounds read when processing an encoding name containing an embedded NULL byte in...

CVE-2025-47812

In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service root or SYSTEM by default. This is thu...

SUSE-SU-2025:1053-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147...

Security update for openvpn

This update for openvpn fixes the following issues: CVE-2024-5594: Fixed wrong handling of null bytes and invalid characters in control messages bsc1235147 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

PT-2019-6811 · Chicken +1 · Chicken +1

Name of the Vulnerable Software and Affected Versions: Chicken versions prior to 4.8.0 Description: The issue arises from improper handling of NUL bytes in certain strings, allowing an attacker to conduct a "poisoned NUL byte attack." Recommendations: For versions prior to 4.8.0, update to versio...