63 matches found
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: neuvector-sigstore-interface, pulumi-language-dotnet, rootlesskit, grype, flux-notification-controller, fscrypt, argocd-image-updater, gitlab-runner, terraform-provider-azurerm, crossplane-provider-azure-storage, scorecard, rancher, trivy-operator, k9s, witness, age,...
SUSE-SU-2026:21173-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Update sqlite3 to version 3.51.3: Security issues: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Non security issue:...
SUSE-SU-2026:21095-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Update sqlite3 to version 3.51.3: Security issues: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Non security issue:...
SUSE SLED15: libsqlite3-0 / libsqlite3-0-32bit / sqlite3 / sqlite3-devel / etc (SUSE-SU-2026:1065-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1065-1 advisory. Update sqlite3 to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. -...
Security update for sqlite3
This update for sqlite3 fixes the following issues: Update sqlite3 to 3.51.3: CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database corruption...
SUSE-SU-2026:1065-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Update sqlite3 to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database...
SUSE-SU-2026:20771-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Update to sqlite3 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Update to version 3.51.3: Fix the...
Security update for sqlite3
This update for sqlite3 fixes the following issues: Update to 3.51.3: CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database corruption bug:...
SUSE-SU-2026:0955-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Update to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database corruption bug...
SUSE-SU-2026:20794-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Update to version 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Update to version 3.51.3: Fix the...
GHSA-Q9HV-HPM4-HJ6X vulnerabilities
Vulnerabilities for packages: pulumi-language-dotnet, grafana-alloy, grype, flux-notification-controller, crossplane-provider-aws-kinesis, argocd-image-updater, cerbos, gitlab-runner, terraform-provider-azurerm, crossplane-provider-azure-storage, scorecard, crossplane-provider-aws-cloudformation,...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: pulumi-language-dotnet, grafana-alloy, grype, flux-notification-controller, crossplane-provider-aws-kinesis, argocd-image-updater, cerbos, gitlab-runner, terraform-provider-azurerm, crossplane-provider-azure-storage, scorecard, crossplane-provider-aws-cloudformation,...
CVE-2026-1229 vulnerabilities
Vulnerabilities for packages: crossplane-provider-family-aws-fips, argo-cd, helm-diff-fips, extism, argo-rollouts-fips, terraform-provider-databricks-fips, wal-g, datadog-agent-fips, cluster-api-fips, terraform-provider-azuread-fips, crossplane-provider-aws-kinesis-fips,...
EUVD-2023-0749
Malicious code in bioql PyPI...
SUSE-SU-2025:01799-1 Security update for postgresql, postgresql16, postgresql17
This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: - bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane...
CVE-2021-38599
WAL-G before 1.1, when a non-libsodium build e.g., one of the official binary releases published as GitHub Releases is used, silently ignores the libsodium encryption key and uploads cleartext backups. This is arguably a Principle of Least Surprise violation because "the user likely wanted to...
Malicious code in wal-eth (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31f1190c63c1f6bf955ab1d1638b199634786321614c27c73a56718a80770295 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE-SU-2024:4052-1 Security update for postgresql, postgresql16, postgresql17
This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: - bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane...
BIT-ETCD-2020-15106 Improper Input Validation in etcd
In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentional...
PKP-WAL 3.4.0-3 Remote Code Execution Exploit
PKP Web Application Library PKP-WAL versions 3.4.0-3 and below, as used in Open Journal Systems OJS, Open Monograph Press OMP, and Open Preprint Systems OPS before versions 3.4.0-4 or 3.3.0-16, suffer from a NativeImportExportPlugin related remote code execution vulnerability...