SUSE-SU-2026:1602-1 Security update for libpng16
This update for libpng16 fixes the following issue: - CVE-2026-34757: information disclosure and data corruption due to use-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST (bsc#1261957)...
EUVD-2023-45871
Malicious code in bioql PyPI...
kernel: wifi: rtw88: use work to update rate to avoid RCU warning
A flaw was identified in the Linux kernel’s rtw88 Wi-Fi driver (drivers/net/wireless/realtek/rtw88) where the ieee80211_ops::sta_rc_update callback was invoked within a Read-Copy-Update (RCU) read-side critical section without proper atomicity or deferral. The ieee80211_chan_bw_change function holds an RCU...
CVE-2023-41368
The OData service of the S4 HANA Manage checkbook apps - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call...
period size is incorrectly set
Lines of code. Vulnerability details. Impact: Instead of setting periodSize to 1800 (30 min), it is currently set to 0, which means new observations will get added each time update is called at BaseV1-core.sol#L166. Proof of Concept: 1. Observe that periodSize is set to 0 2. BaseV1-core.sol#L166 will alway...
python-cryptography: Large inputs for symmetric encryption can trigger integer overflow leading to buffer overflow
A buffer-overflow flaw was found in the python-cryptography package. Certain sequences of update calls when symmetrically encrypting very large payloads (2GB) could result in an integer overflow, leading to buffer overflows. Note: This fix is a workaround for the OpenSSL CVE-2021-23840 flaw...