SUSE-SU-2026:20948-1 Security update for net-tools

This update for net-tools fixes the following issues: - Fix stack buffer overflow in parsehex bsc1248687, GHSA-h667-qrp8-gj58. - Fix stack-based buffer overflow in procgenfmt bsc1248687, GHSA-w7jq-cmw2-cq59. - Avoid unsafe memcpy in ifconfig bsc1248687. - Prevent overflow in ax25 and netrom...

SUSE-SU-2025:03245-1 Security update for net-tools

This update for net-tools fixes the following issues: Security issues fixed: - Avoid unsafe use of memcpy in ifconfig bsc1248687. - Prevent overflow in ax25 and netrom bsc1248687. - Fix stack buffer overflow in parsehex bsc1248687. - Fix stack buffer overflow in procgenfmt bsc1248687. Other issue...

kernel: netfilter: complete validation of user input

A denial of service vulnerability exists in the Linux kernel such that @optlen validation is not called before the function xtalloctableinfo, an attacker could craft a payload that results in a crash resulting in loss of availability...

SUSE CVE-2019-12211

When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow...

The vulnerability of the main() function of the dmgdmg2img conversion tool, which involves reading data beyond the allowable buffer size, allows an attacker to access confidential data and cause a service failure.

The vulnerability of the main function of the dmgdmg2img conversion tool lies in the lack of checks for the size of the read buffer during the memcpy operation within the function. Exploiting this vulnerability can allow an attacker to gain access to confidential data, as well as cause service...

FreeBSD : mod_jk -- long URL stack overflow vulnerability (cf86c644-cb6c-11db-8e9d-000c6ec775d9)

TippingPoint and The Zero Day Initiative reports : This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache Tomcat JK Web Server Connector. Authentication is not required to exploit this vulnerability. The specific flaw exists in the URI handler f...

Microsoft SQL Server 7.02000 Data Engine 1.02000 - xp_peekqueue Buffer Overflow

Microsoft SQL Server 7.02000 Data Engine 1.02000 - xppeekqueue Buffer Overflow // source: https://www.securityfocus.com/bid/2040/info The API Srvparaminfo, which is implemented by Extended Stored Procedures XPs in Microsoft SQL Server and Data Engine, is susceptible to a buffer overflow...

Microsoft SQL Server 7.02000 Data Engine 1.02000 - xp_showcolv Buffer Overflow

Microsoft SQL Server 7.02000 Data Engine 1.02000 - xpshowcolv Buffer Overflow // source: https://www.securityfocus.com/bid/2038/info The API Srvparaminfo, which is implemented by Extended Stored Procedures XPs in Microsoft SQL Server and Data Engine, is susceptible to a buffer overflow...