62 matches found
SUSE-SU-2026:21095-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Update sqlite3 to version 3.51.3: Security issues: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Non security issue:...
SUSE-SU-2026:21173-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Update sqlite3 to version 3.51.3: Security issues: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Non security issue:...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sqlite3 (SUSE-SU-2026:1065-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1065-1 advisory. Update sqlite3 to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. -...
Security update for sqlite3
This update for sqlite3 fixes the following issues: Update sqlite3 to 3.51.3: CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database corruption...
SUSE-SU-2026:1065-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Update sqlite3 to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database...
SUSE-SU-2026:20771-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Update to sqlite3 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Update to version 3.51.3: Fix the...
SUSE-SU-2026:0955-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Update to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database corruption bug...
Security update for sqlite3
This update for sqlite3 fixes the following issues: Update to 3.51.3: CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database corruption bug:...
SUSE-SU-2026:20794-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Update to version 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Update to version 3.51.3: Fix the...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: terraform-provider-pagerduty, q, gitea, zarf, cerbos, gitaly, flux-source-controller, crossplane-provider-aws-cloudwatchlogs, extism, rancher-fleet, grafana, k9s, pulumi-language-dotnet, flux-kustomize-controller, crossplane-provider-azure-sql, nuclei, pulumi,...
GHSA-Q9HV-HPM4-HJ6X vulnerabilities
Vulnerabilities for packages: terraform-provider-pagerduty, q, gitea, zarf, cerbos, gitaly, flux-source-controller, crossplane-provider-aws-cloudwatchlogs, extism, rancher-fleet, grafana, k9s, pulumi-language-dotnet, flux-kustomize-controller, crossplane-provider-azure-sql, nuclei, pulumi,...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: chainctl, aactl, flux-image-automation-controller, kubevela, pulumi, terraform-provider-pagerduty, grafana-alloy-fips, lazygit, crossplane-provider-keycloak-fips, crossplane-provider-family-aws-fips, gitaly-fips, gptscript, syft-fips, crossplane-provider-aws-sns, apk...
EUVD-2023-0749
Malicious code in bioql PyPI...
SUSE-SU-2025:01799-1 Security update for postgresql, postgresql16, postgresql17
This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17, and fixes security issues with postgresql16: - bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane...
CVE-2021-38599
WAL-G before 1.1, when a non-libsodium build (e.g., one of the official binary releases published as GitHub Releases) is used, silently ignores the libsodium encryption key and uploads cleartext backups. This is arguably a Principle of Least Surprise violation because "the user likely wanted to...
Malicious code in wal-eth (npm)
Source: ghsa-malware (31f1190c63c1f6bf955ab1d1638b199634786321614c27c73a56718a80770295). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE-SU-2024:4052-1 Security update for postgresql, postgresql16, postgresql17
This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17, and fixes security issues with postgresql16: - bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane...
BIT-ETCD-2020-15106 Improper Input Validation in etcd
In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentional...
PKP-WAL 3.4.0-3 Remote Code Execution Exploit
PKP Web Application Library (PKP-WAL) versions 3.4.0-3 and below, as used in Open Journal Systems (OJS), Open Monograph Press (OMP), and Open Preprint Systems (OPS) before versions 3.4.0-4 or 3.3.0-16, suffer from a NativeImportExportPlugin-related remote code execution vulnerability...
CVE-2023-47271
PKP-WAL (aka PKP Web Application Library or pkp-lib) before 3.3.0-16, as used in Open Journal Systems (OJS) and other products, does not verify that the file named in an XML document used for the native import/export plugin is an image file, before trying to use it for an issue cover image...