CVE-2026-44594

esm.sh is a no-build content delivery network CDN for web development. In 137 and earlier, a Local File Inclusion LFI vulnerability exists in the esbuild plugin's handling of the browser field in package.json. An attacker can publish an npm package that causes the server to read and return...

MAL-2025-25578 Malicious code in loom-plugin-package-build (npm)

The package loom-plugin-package-build was found to contain malicious code...

CVE-2024-20957

Concrete details exist: CVE-2024-20957 affects JD Edwards EnterpriseOne Tools (Package Build SEC) in versions prior to 9.2.8.1. Root cause: insufficient input validation in Package Build SEC. Vector: high-privilege attacker over JDENET with network access; impact: partial DoS of JD Edwards Enterp...

PT-2024-1534 · Oracle · Jd Edwards Enterpriseone Tools

Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Tools versions prior to 9.2.8.1 Description: The issue is related to insufficient input validation in the Package Build SEC component. It allows a high-privileged attacker with network access via JDENET to compromise ...

SUSE-SU-2023:4758-1 Security update for SUSE Manager Server 4.3

This update fixes the following issues: release-notes-susemanager: - Update to SUSE Manager 4.3.10 SUSE Linux Enterprise Server Micro 5.5 support CLM filter by package build date Enhanced Errata.getDetails API endpoint CVEs fixed: CVE-2023-22644 Bugs mentioned: bsc1191143, bsc1204235, bsc1207012,...

SUSE-SU-2023:2572-1 Security update for salt

This update for salt fixes the following issues: - Update to Salt release version 3006.0 jscPED-4361 See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html - Add missing patch after rebase to fix collections Mapping issues - Add python3-looseversion as new dependency...

[SECURITY] [DLA 3395-2] golang-1.11 regression update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3395-2 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler April 20, 2023 https://wiki.debian.org/LTS -...

OPENSUSE-SU-2021:1452-1 Security update for mailman

This update for mailman fixes the following issues: Update to 2.1.35 to fix 2 security issues: - A potential for for a list member to carry out an off-line brute force attack to obtain the list admin password has been reported by Andre Protas, Richard Cloke and Andy Nuttall of Apple. This is fixe...

OPENSUSE-SU-2021:1436-1 Security update for mailman

This update for mailman fixes the following issues: Update to 2.1.35 to fix 2 security issues: - A potential for for a list member to carry out an off-line brute force attack to obtain the list admin password has been reported by Andre Protas, Richard Cloke and Andy Nuttall of Apple. This is fixe...

Security update for lilypond (moderate)

This update for lilypond fixes the following issues: - CVE-2018-10992: lilypond: Does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks bsc1093056 - packages do not build reproducibl...

Fedora 17 : postgresql-9.1.8-1.fc17 (2013-2152)

Update to new upstream releases, to fix CVE-2013-0255 and other issues described at http://www.postgresql.org/docs/9.2/static/release-9-2-3. html http://www.postgresql.org/docs/9.1/static/release-9-1-8. html - Make the package build with selinux option disabled - Include old version of...

Mandriva Update for python-imaging MDKA-2007:099 (python-imaging)

Check for the Version of python-imaging OpenVAS Vulnerability Test Mandriva Update for python-imaging MDKA-2007:099 python-imaging Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...