openSUSE 16 Security Update : roundcubemail (openSUSE-SU-2026:20586-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20586-1 advisory. Changes in roundcubemail: - update to 1.6.15 This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to some...

Security update for roundcubemail (important)

openSUSE Security Update: Security update for roundcubemail Announcement ID: openSUSE-SU-2026:0141-1 Rating: important References: 1261157 1261488 Cross-References: CVE-2026-35537 Affected Products: openSUSE Backports SLE-15-SP7 An update that solves one vulnerability and has one errata is now...

[SECURITY] Fedora 43 Update: roundcubemail-1.6.15-1.fc43

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

Incorrect Resource Transfer Between Spheres

Overview Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres in the remote image blocking process. An attacker can cause unauthorized remote image loading by embedding specially crafted SVG content with animate elements using attributes such as fill,...

Roundcube Webmail 安全漏洞

Roundcube Webmail is an open-source browser-based IMAP client developed by Roundcube. It supports address book management, information search, spelling checking, and more. Versions of Roundcube Webmail prior to 1.5.15 and 1.6.15 contained security vulnerabilities. These vulnerabilities stemmed fr...

CVE-2025-67520

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through = 1.6.15...

EUVD-2025-202124

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through = 1.6.15...

CVE-2025-67520

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through = 1.6.15...

CVE-2025-67520 WordPress Media Library Tools plugin <= 1.6.15 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through = 1.6.15...

CVE-2025-67520

CVE-2025-67520: WordPress plugin Media Library Tools (media-library-tools)

CVE-2025-67520 WordPress Media Library Tools plugin <= 1.6.15 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through = 1.6.15...

WordPress plugin Media Library Tools SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injection...

PT-2025-49896

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through = 1.6.15...

EUVD-2024-19752

Malicious code in bioql PyPI...

EUVD-2024-19750

Malicious code in bioql PyPI...

CVE-2024-22156

Missing Authorization vulnerability in SNP Digital SalesKing.This issue affects SalesKing: from n/a through 1.6.15...

CVE-2024-22154

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SNP Digital SalesKing.This issue affects SalesKing: from n/a through 1.6.15...

PT-2024-26893 · Dbt-Core · Dbt-Core

Name of the Vulnerable Software and Affected Versions: dbt-core versions prior to 1.6.15 dbt-core versions prior to 1.7.15 dbt-core versions prior to 1.8.1 Description: The issue arises from binding to INADDR ANY 0.0.0.0 or IN6ADDR ANY ::, which exposes the application on all network interfaces,...

CVE-2024-22157 WordPress SalesKing plugin <= 1.6.15 - Unauthenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in WebWizards SalesKing allows Privilege Escalation.This issue affects SalesKing: from n/a through 1.6.15...

PT-2024-19244 · Webwizards · Salesking

Name of the Vulnerable Software and Affected Versions: SalesKing versions 1.6.15 and earlier Description: The issue is related to Improper Privilege Management, allowing Privilege Escalation in WebWizards SalesKing. Recommendations: For versions 1.6.15 and earlier, update to a version that includ...