SUSE-SU-2026:0661-1 Security update for erlang

This update for erlang fixes the following issues: - CVE-2025-48039:Fixed an excessive use of system resources. bsc1249469 - CVE-2025-48038:Fixed an excessive use of system resources. bsc1249470 - CVE-2025-48040:Fixed an excessive resource consumption. bsc1249472...

CVE-2021-22292

There is a denial of service DoS vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS...

EUVD-2020-27998

Malware in sbrugna...

EUVD-2020-24770

Malware in sbrugna...

EUVD-2022-1699

Malicious code in bioql PyPI...

EUVD-2025-17089

Malicious code in bioql PyPI...

EUVD-2024-39631

Malicious code in bioql PyPI...

EUVD-2021-9438

Malicious code in bioql PyPI...

CVE-2024-13987

Improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability in Synology RADIUS Server allows remote authenticated users with administrator privileges to read or write limited files in SRM and conduct limited denial-of-service via unspecified vectors...

CVE-2025-46171

CVE-2025-46171 — vBulletin 3.8.7 DoS via buddylist . Multiple connected sources confirm that an authenticated user who maintains a sufficiently large buddy list can trigger excessive memory usage when the server processes the buddylist (misc.php?do=buddylist), leading to resource exhaustion and f...

CVE-2025-48902

Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-48902

Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-48902

CVE-2025-48902 affects Huawei HarmonyOS/EMUI and is described as a vulnerability in the setting module leading to potential availability impact. Public documentation in connected sources provides CVSS metrics (AV:L, AC:H, PR:L, UI:R, S:C, C:L/I:L/A:H) and notes exploitation is not detailed in the...

CVE-2025-48902

Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability...

PT-2025-24021 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns uncontrolled system resource applications in the setting module. Successful exploitation may affect availability. Recommendations: At the moment, there is no information...

CVE-2025-48381

Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. In versions starting from 2.4.0 to before 2.38.0, an authenticated CVAT user may be able to retrieve the IDs and names of all tasks, projects, labels, and the IDs of all jobs and quality...

CVE-2024-7097

An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin service, which allows user account creation regardless of the self-registration configuration settings. This vulnerability enables malicious actors to create new user accounts without proper...

CVE-2024-7097 Incorrect Authorization in Multiple WSO2 Products via SOAP Admin Service Allowing Unauthorized User Signup

An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin service, which allows user account creation regardless of the self-registration configuration settings. This vulnerability enables malicious actors to create new user accounts without proper...

CVE-2025-48381

Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. In versions starting from 2.4.0 to before 2.38.0, an authenticated CVAT user may be able to retrieve the IDs and names of all tasks, projects, labels, and the IDs of all jobs and quality...

CVE-2021-22294

A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources...