openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2026:20337-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20337-1 advisory. - CVE-2026-22770: improper pointer initialization can cause denial of service bsc1256969. - CVE-2026-23874: manipulation of digital images can...

Security update for freerdp (important)

openSUSE security update: security update for freerdp ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20339-1 Rating: important References: bsc1214869 bsc1214870 bsc1214871 bsc1219049 bsc1223293 bsc1223294 bsc1223295 bsc1223296 bsc1223297 bsc1223298...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : mozilla-nss (SUSE-SU-2026:0813-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0813-1 advisory. Update to NSS 3.112.3: CVE-2026-2781: Avoid integer overflow in platform-independent ghash bsc1258568...

OPENSUSE-SU-2026:20124-1 Security update for ucode-amd

This update for ucode-amd fixes the following issues: Changes in ucode-amd: - Update to version 20251203 git commit a0f0e52138e5: linux-firmware: Update amd-ucode copyright information linux-firmware: Update AMD cpu microcode - Update to version 20251113 git commit fb0dbcd30118: linux-firmware:...

openSUSE 16 Security Update : rabbitmq-server (openSUSE-SU-2026:20082-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20082-1 advisory. Changes in rabbitmq-server: Update to 4.1.5: Highlights - Khepri, an alternative schema data store developed to replace Mnesia, has matured and is now...

SUSE Linux Enterprise Desktop Backlink Vulnerability

SUSE Linux Enterprise Desktop is an enterprise server version of the Linux desktop operating system from SUSE Germany. A backlink vulnerability exists in SUSE Linux Enterprise Desktop 15 SP5 that stems from the presence of incorrect link resolution before file access. Affected Products and...

SUSE CVE-2018-7689

Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions...

SUSE CVE-2021-25329

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the...

otrs 3.1 - Stored XSS vulnerability

No description provided by source. !/usr/bin/python ''' Author: Mike Eduard - Znuny - Enterprise Services for OTRS Product: OTRS Open Technology Real Services Version: 3.1.8, 3.1.9 and 3.1.10 Vendor Homepage: http://otrs.org CVE: 2012-4751 Timeline: 03 Sep 2012: Vulnerability reported + fix to...

OTRS 3.1 - Persistent Cross-Site Scripting

!/usr/bin/python ''' Author: Mike Eduard - Znuny - Enterprise Services for OTRS Product: OTRS Open Technology Real Services Version: 3.1.8, 3.1.9 and 3.1.10 Vendor Homepage: http://otrs.org CVE: 2012-4751 Timeline: 03 Sep 2012: Vulnerability reported + fix to vendor 04 Sep 2012: Vulnerability...

OTRS 3.1 - Persistent Cross-Site Scripting

OTRS 3.1 - Persistent Cross-Site Scripting !/usr/bin/python ''' Author: Mike Eduard - Znuny - Enterprise Services for OTRS Product: OTRS Open Technology Real Services Version: 3.1.8, 3.1.9 and 3.1.10 Vendor Homepage: http://otrs.org CVE: 2012-4751 Timeline: 03 Sep 2012: Vulnerability reported + f...

OTRS 3.1 Cross Site Scripting

!/usr/bin/python ''' Author: Mike Eduard - Znuny - Enterprise Services for OTRS Product: OTRS Open Technology Real Services Version: 3.1.8, 3.1.9 and 3.1.10 Vendor Homepage: http://otrs.org CVE: 2012-4751 Timeline: 03 Sep 2012: Vulnerability reported + fix to vendor 04 Sep 2012: Vulnerability...

OTRS 3.1 Stored XSS Vulnerability

CVE: 2012-4751 This vulnerability PoC is a follow up http://1337day.com/exploit/19298 !/usr/bin/python ''' Author: Mike Eduard - Znuny - Enterprise Services for OTRS Product: OTRS Open Technology Real Services Version: 3.1.8, 3.1.9 and 3.1.10 Vendor Homepage: http://otrs.org CVE: 2012-4751...

OTRS Open Technology Real Services 3.1.8/3.1.9 - Cross-Site Scripting

!/usr/bin/python ''' Author: Mike Eduard - Znuny - Enterprise Services for OTRS Product: OTRS Open Technology Real Services Version: 3.1.8 and 3.1.9 Vendor Homepage: http://otrs.org CVE: 2012-4600 Timeline: 22 Aug 2012: Vulnerability reported to vendor and CERT 23 Aug 2012: Response received from...

OTRS Open Technology Real Services 3.1.8 / 3.1.9 XSS

!/usr/bin/python ''' Author: Mike Eduard - Znuny - Enterprise Services for OTRS Product: OTRS Open Technology Real Services Version: 3.1.8 and 3.1.9 Vendor Homepage: http://otrs.org CVE: 2012-4600 Timeline: 22 Aug 2012: Vulnerability reported to vendor and CERT 23 Aug 2012: Response received from...

Linux kernel 2.6.18 'taskstats'本地拒绝服务漏洞

BUGTRAQ ID: 55144 CVE ID: CVE-2012-3510 Linux Kernel其基础为linux平台，linux为C语言编写的内核，基于此内核又衍生出了具体的Red hat linux 、open suse linux等具体的操作系统，一套基于Linux内核的完整操作系统叫作Linux操作系统，或是GNU/Linux。 Linux Kernel在 "taskstats" 的实现上存在本地拒绝服务漏洞，可被恶意本地用户利用触发内核崩溃。 0 Linux kernel 2.6.18 厂商补丁： Linux -----...