openSUSE 16 Security Update : raylib (openSUSE-SU-2026:20717-1)

"The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20717-1 advisory. Changes in raylib: - security update: CVE-2025-15533: Fix heap-based buffer overflow via GenImageFontAtlas function manipulation bsc1256900...

OPENSUSE-SU-2026:20717-1 Security update for raylib

This update for raylib fixes the following issues: Changes in raylib: - security update: CVE-2025-15533: Fix heap-based buffer overflow via GenImageFontAtlas function manipulation bsc1256900 CVE-2025-15534: Fix integer overflow vulnerability in LoadFontData bsc1256901 - Update to 5.5: NEW raylib...

EUVD-2024-37802

Malicious code in bioql PyPI...

Malicious code in athira-windows-x64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d29372690a56d28aaf32363029d85a2f0f5b5eddbe8a7a2bb62435171567b354 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-38203

Windows Package Library Manager Information Disclosure Vulnerability...

CVE-2024-38203 Windows Package Library Manager Information Disclosure Vulnerability

...

Microsoft Windows Package Manager 安全漏洞

Microsoft Windows Package Manager is a comprehensive package manager solution from Microsoft Corporation USA. A system or set of tools used to automate the installation, upgrade, configuration, and use of software. Most package managers are designed to discover and install developer tools. A...

PT-2024-8087 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to a component of the Microsoft Windows operating system, specifically the Windows Package Library Manager, which has a flaw in its data protection mechanism...

Blue Server Security Vulnerability

Blue Server is a WAMP package that allows you to run a web server with Apache, MySQL, PHP and phpMyAdmin on any Microsoft Windows operating system. A security vulnerability exists in Blue Server version 1.1, which stems from the component Connection Handler that can cause a denial of service...

CVE-2022-41722

A flaw was found in Go, where it could allow a remote attacker to traverse directories on the system, caused by improper validation of user requests by the filepath.Clean on Windows package. This flaw allows an attacker to send a specially-crafted URL request containing "dot dot" sequences /../ t...

CVE-2022-24549 Windows AppX Package Manager Elevation of Privilege Vulnerability

...

New Backdoor Targets French Entities via Open-Source Package Installer

Researchers have exposed a new targeted email campaign aimed at French entities in the construction, real estate, and government sectors that leverages the Chocolatey Windows package manager to deliver a backdoor called Serpent on compromised systems. Enterprise security firm Proofpoint attribute...

Command injection

lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter...

SysAid Help Desk rdslogs Arbitrary File Upload Exploit

This Metasploit module exploits a file upload vulnerability in SysAid Help Desk v14.3 and v14.4. The vulnerability exists in the RdsLogsEntry servlet which accepts unauthenticated file uploads and handles zip file contents in a insecure way. Combining both weaknesses a remote attacker can...