19 matches found
OPENSUSE-SU-2026:20567-1 Security update for qemu
This update for qemu fixes the following issues: Update to version 10.0.9. Security issues fixed: - CVE-2026-3196: unbounded memory allocation and host denial-of-service via PCMINFO requests sent from the guest bsc1259079. - CVE-2026-3195: heap out-of-bounds write when reading input audio in the...
EUVD-2023-41187
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-37278
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator ca...
CVE-2023-37278
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
CVE-2023-37278
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
UBUNTU-CVE-2023-37278
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
CVE-2023-37278 GLPI vulnerable to SQL injection via dashboard administration
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
CVE-2023-37278 GLPI vulnerable to SQL injection via dashboard administration
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
CVE-2023-37278 GLPI vulnerable to SQL injection via dashboard administration
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
Eclipse Jetty Input Validation Error Vulnerability
Eclipse Jetty is an open source, Java-based Web server and Java Servlet container from the Eclipse Foundation. A security vulnerability exists in Eclipse Jetty that stems from invalid URI parsing that could result in an invalid HttpURI.authority, which affects the following products and releases:...
SonicWall Email Security Appliance Trust Management Issue Vulnerability
SonicWall Email Security Appliance is an email security appliance from SonicWall USA. A trust management vulnerability exists in the SonicWall Email Security Virtual Appliance prior to version 10.0.9. The vulnerability stems from the program containing a default username and...
CVE-2021-20023
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host...
Design/Logic Flaw
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host...
CVE-2021-20023
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host...
PT-2021-2764
Name of the Vulnerable Software and Affected Versions: SonicWall Email Security version 10.0.9.x Description: The issue is related to incorrect restriction of a directory path with limited access. This allows a remote attacker to gain unauthorized access to protected information. Specifically, it...
CVE-2021-20022
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host...
Design/Logic Flaw
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host...
CVE-2021-20022
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host. Recent assessments: wvu-r7 at September 07, 2021 4:22am UTC reported: Super easy to exploit. See CVE-2021-20021 for the first part of the...
RealPlayer: Buffer overflow
Background: RealPlayer is a multimedia player capable of handling multiple multimedia file formats. Description: A stack-based buffer overflow vulnerability has been reported in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp when handling HH:mm:ss.f type time formats. Impact: By...