6 matches found
SUSE CVE-2026-43028
In the Linux kernel, the following vulnerability has been resolved:
netfilter: xtables: ensure names are nul-terminated
Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change...
CVE-2025-38636
In the Linux kernel, the following vulnerability has been resolved:
rv: Use strings in da monitors tracepoints
Using DA monitors tracepoints with KASAN enabled triggers the following warning:
BUG: KASAN: global-out-of-bounds in do_trace_event_raw_event_event_da_monitor+0xd6/0x1a0
Read of size 32 at addr...
PT-2022-23900 · Stealjs · Stealjs
Name of the Vulnerable Software and Affected Versions: stealjs steal version 2.2.4
Description: A Regular Expression Denial of Service (ReDoS) flaw was found in the software via the string variable in babel.js. This issue can cause a denial of service.
Recommendations: For version 2.2.4, consider...
CVE-2019-11069
Sequelize version 5 before 5.3.0 does not properly ensure that standard conforming strings are used...
SUSE-SU-2017:1067-1 Security update for ruby2.1
This ruby2.1 update to version 2.1.9 fixes the following issues:
Security issues fixed:
- CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new'initialize' (bsc#1018808)
- CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (bsc#959495)
- CVE-2015-3900: hostname validation does...
Security update for ruby2.2, ruby2.3 (important)
This update for ruby2.2, ruby2.3 fixes the following issues:
Security issues fixed:
- CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new"initialize" (boo#1018808)
- CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (boo#959495)
Detailed ChangeLog: -...