40 matches found
Fedora 42 : python-scitokens (2026-dec8f790f7)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-dec8f790f7 advisory. - Remove legacy parent SciToken chaining behavior from token initialization and claim handling - Harden Enforcer scope path traversal validation including...
WordPress Funnel Builder by FunnelKit plugin <= 3.10.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Tom Broucke Patchstack Alliance in WordPress Plugin Funnel Builder by FunnelKit versions <= 3.10.2...
Debian dla-4177 : libphp-adodb - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4177 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4177-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 4177-1] libphp-adodb security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4177-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk May 24, 2025 https://wiki.debian.org/LTS -...
CVE-2024-51482
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder v1.37.* <= 1.37.64 is vulnerable to boolean-based SQL Injection in function of web/ajax/event.php. This is fixed in 1.37.65...
CVE-2024-36412
SuiteCRM is an open-source Customer Relationship Management CRM software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in events response entry point allows for a SQL injection attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue...
ALSA-2024:9193 Moderate: python3.12-PyMySQL security update
This package contains a pure-Python MySQL client library. The goal of PyMySQL is to be a drop-in replacement for MySQLdb and work on CPython, PyPy, IronPython and Jython. Security Fixes: python-pymysql: SQL injection if used with untrusted JSON input CVE-2024-36039 For more details about the...
openSUSE 15 Security Update : python-mysql-connector-python (openSUSE-SU-2024:0351-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2024:0351-1 advisory. - Update to 9.1.0 boo1231740, CVE-2024-21272 - WL16452: Bundle all installable authentication plugins when building the C-extension - WL16444: Drop build...
SUSE-SU-2023:3384-1 Security update for postgresql15
This update for postgresql15 fixes the following issues: - Update to 12.16 - CVE-2023-39417: Fixed potential SQL injection for trusted extensions. bsc1214059...
SUSE-SU-2023:3344-1 Security update for postgresql15
This update for postgresql15 fixes the following issues: - Update to 13.12 - CVE-2023-39417: Fixed potential SQL injection for trusted extensions. bsc1214059...
SUSE-SU-2023:3342-1 Security update for postgresql15
This update for postgresql15 fixes the following issues: - Update to 15.4 - CVE-2023-39417: Fixed potential SQL injection for trusted extensions. bsc1214059 - CVE-2023-39418: Fix MERGE to enforce row security. bsc1214061...
SUSE-SU-2023:3341-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: - Update to 12.16 - CVE-2023-39417: Fixed potential SQL injection for trusted extensions. bsc1214059...
OPENSUSE-SU-2023:0005-1 Security update for python-Django
This update for python-Django fixes the following issues: - CVE-2022-41323: Fixed potential denial-of-service vulnerability in internationalized URLs boo1203793 - CVE-2022-36359: Fixed a potential reflected file download vulnerability in FileResponse boo1201923 - Update from 2.2.12 to 2.2.28...
SUSE-SU-2022:1832-1 Security update for openldap2
This update for openldap2 fixes the following issues: Security: - CVE-2022-29155: Fixed SQL injection in back-sql bsc1199240. Bugfixes: - allow specification of max/min TLS version with TLS1.3 bsc1191157 - libldap was able to be out of step with openldap in some cases which could cause incorrect...
SUSE-SU-2022:1671-1 Security update for openldap2
This update for openldap2 fixes the following issues: - CVE-2022-29155: Fixed SQL injection in back-sql bsc1199240. - Fixed issue with SASL init that crashed slapd at startup under certain conditions bsc1198383...
SUSE-SU-2022:1670-1 Security update for openldap2
This update for openldap2 fixes the following issues: - CVE-2022-29155: Fixed SQL injection in back-sql bsc1199240...
SUSE-SU-2022:0743-2 Security update for cyrus-sasl
This update for cyrus-sasl fixes the following issues: - CVE-2022-24407: Fixed SQL injection in sqlauxpropstore in plugins/sql.c bsc1196036. The following non-security bugs were fixed: - postfix: sasl authentication with password fails bsc1194265...
OPENSUSE-SU-2022:0743-1 Security update for cyrus-sasl
This update for cyrus-sasl fixes the following issues: - CVE-2022-24407: Fixed SQL injection in sqlauxpropstore in plugins/sql.c bsc1196036. The following non-security bugs were fixed: - postfix: sasl authentication with password fails bsc1194265...
SUSE-SU-2022:0593-1 Security update for SUSE Manager Server 4.2
This update fixes the following issues: c3p0: - Build with log4j mapper dhcpd-formula: - Update to version 0.1.1641480250.d5bd14c make routers option optional hibernate5: - Fix potential SQL injection CVE-2020-25638 bsc1193832 mgr-libmod: - Version 4.2.7-1 require python macros for building...
OPENSUSE-SU-2022:0226-1 Security update for log4j12
This update for log4j12 fixes the following issues: - CVE-2022-23307: Fix deserialization issue by removing the chainsaw sub-package. bsc1194844 - CVE-2022-23305: Fix SQL injection by removing src/main/java/org/apache/log4j/jdbc/JDBCAppender.java. bsc1194843 - CVE-2022-23302: Fix remote code...