24 matches found
openSUSE 16 Security Update : trivy (openSUSE-SU-2026:20191-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20191-1 advisory. Changes in trivy: - Update to version 0.69.0 bsc1255366, CVE-2025-64702: release: v0.69.0 main 9886 chore: bump trivy-checks to v2 9875 choredep...
OPENSUSE-SU-2026:20191-1 Security update for trivy
This update for trivy fixes the following issues: Changes in trivy: - Update to version 0.69.0 bsc1255366, CVE-2025-64702: release: v0.69.0 main 9886 chore: bump trivy-checks to v2 9875 choredeps: bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to 2.4.1 10091 fixrepo: return a nil interfa...
OPENSUSE-SU-2026:10131-1 trivy-0.69.0-1.1 on GA media
These are all security issues fixed in the trivy-0.69.0-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2025-14338
Polkit authentication dis isabled by default and a race condition in the Polkit authorization check in versions before v0.69.0 can lead to the same issues as in CVE-2025-66005...
CVE-2025-14338
Polkit authentication dis isabled by default and a race condition in the Polkit authorization check in versions before v0.69.0 can lead to the same issues as in CVE-2025-66005...
CVE-2025-14338
CVE-2025-14338 describes a Polkit-related race condition affecting authentication checks, tied to InputPlumber and echoing issues from CVE-2025-66005. Affected software/component: Polkit authorization checks in versions before v0.69.0, with the note that Polkit authentication is disabled by defau...
CVE-2025-64115
Movary is a web application to track, rate and explore your movie watch history. Versions up to and including 0.68.0 use the HTTP Referer header value directly for redirects in multiple settings endpoints, allowing a crafted link to cause an open redirect to an attacker-controlled site and...
CVE-2025-64116
Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0...
CVE-2025-64115
Movary is a web application to track, rate and explore your movie watch history. Versions up to and including 0.68.0 use the HTTP Referer header value directly for redirects in multiple settings endpoints, allowing a crafted link to cause an open redirect to an attacker-controlled site and...
CVE-2025-64116
Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0...
CVE-2025-64115 Movary unvalidated Referer header allows open redirect and phishing
Movary is a web application to track, rate and explore your movie watch history. Versions up to and including 0.68.0 use the HTTP Referer header value directly for redirects in multiple settings endpoints, allowing a crafted link to cause an open redirect to an attacker-controlled site and...
CVE-2025-64115
Summary: Movary (web application) prior to 0.69.0 is affected by an open redirect in multiple settings endpoints that directly used the HTTP Referer header for redirects (versions up to and including 0.68.0). This can enable phishing via crafted links to attacker‑controlled sites. Affected compon...
EUVD-2025-37040
Movary is a web application to track, rate and explore your movie watch history. Versions up to and including 0.68.0 use the HTTP Referer header value directly for redirects in multiple settings endpoints, allowing a crafted link to cause an open redirect to an attacker-controlled site and...
CVE-2025-64116 Movary vulnerable to an open redirect
Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0...
EUVD-2025-37042
Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0...
CVE-2025-64116 Movary vulnerable to an open redirect
Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0...
CVE-2025-64116
Movary (a web app for tracking and exploring movie watch history) is affected by CVE-2025-64116. Prior to version 0.69.0, the login page accepts a redirect parameter without validation, enabling open redirect to arbitrary external sites. The issue is fixed in 0.69.0. Affected components: login/re...
CVE-2025-64116 Movary vulnerable to an open redirect
Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0...
PT-2025-44442
Name of the Vulnerable Software and Affected Versions Movary versions prior to 0.69.0 Description Movary, a web application for tracking movie watch history, is susceptible to an open redirect issue. Versions up to and including 0.68.0 directly utilize the HTTP Referer header value for redirects...
Movary 输入验证错误漏洞
Movary is a movie review program by Lee Peuker Personal Developer. An input validation error vulnerability exists in Movary versions prior to 0.69.0, which stems from the login page not validating the redirection parameter, which could lead to a redirection attack...