[slackware-security] gnutls

New gnutls packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/gnutls-3.8.12-i586-1slack15.0.txz: Upgraded. This update fixes security issues: libgnutls: Fix NULL pointer dereference in PSK binder...

Fedora: Security Advisory (FEDORA-2026-ef7170c9f6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

gnutls-3.8.12-1.1 on GA media (moderate)

gnutls-3.8.12-1.1 on GA media Announcement ID: openSUSE-SU-2026:10177-1 Rating: moderate Cross-References: CVE-2025-14831 CVE-2026-1584 CVSS scores: CVE-2025-14831 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-14831 SUSE : 6.9...

BELL-CVE-2026-1584

Bulletin has no description...

CVE-2026-1584

creationtimestamp| type| source ---|---|--- 2026-02-09 20:38:05+00:00| seen| https://seclists.org/oss-sec/2026/q1/155 2026-02-09 21:59:21+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mehh26gnqo23 2026-02-10 14:25:28+00:00| seen|...

EUVD-2026-1584

A vulnerability was determined in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /intern/admin/checkadmin.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been...

PT-2026-7242

Name of the Vulnerable Software and Affected Versions affected versions not specified Description A flaw exists related to pre-shared key PSK binder verification during Transport Layer Security TLS 1.3 resumption attempts. The issue is triggered when an invalid PSK binder value is present in the...

CVE-2024-1584

The Analytify – Google Analytics Dashboard For WordPress GA4 analytics made easy plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpacheckauthentication' function in all versions up to, and including, 5.2.1. This makes it possible f...

CVE-2022-1584

Reflected XSS in GitHub repository microweber/microweber prior to 1.2.16. Executing JavaScript as the victim...

CVE-2011-1584

The updateFile function in inc/core/class.dc.media.php in the Media Manager in Dotclear before 2.2.3 does not properly restrict pathnames, which allows remote authenticated users to upload and execute arbitrary PHP code via the mediapath or mediafile parameter. NOTE: some of these details are...

Linux Distros Unpatched Vulnerability : CVE-2012-1584

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the mid function in toolkit/tbytevector.cpp in TagLib 1.7 and earlier allows context- dependent attackers to cause a denial of service...

com.easy-flowable:easy-flowable-solon-plugin (>=1.0.0 <=1.0.2), com.luomor.pcsms:pcsms-solon-plugin-example (>=1.0.0 <=1.0.1) +17 more potentially affected by CVE-2025-1584 via org.noear:solon-web-staticfiles (>=2.9.2-M1 <=3.0.9-M2)

org.noear:solon-web-staticfiles MAVEN version =2.9.2-M1, =1.0.0, =1.0.0, =2024.3.0, =1.3.0, =20250107, =3.3.4, =1.8.4, =1.3.1, =1.7.8, =1.8.0, =2.9.2, =2.9.2, =2.9.2, =2.9.2, =3.0.10-M1 and more Source cves: CVE-2025-1584 Source advisory: OSV:GHSA-X8Q6-CCHR-P7M6...

WordPress Analytify Plugin <= 5.2.3 is vulnerable to Broken Access Control

Software Analytify Type Plugin Vulnerable versions = 5.2.3 Fixed in 5.2.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1584 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5e5adc4ec40e Credits Francesco Carlucci Required privileg...

CVE-2023-1584

creationtimestamp| type| source ---|---|--- 2023-10-04 14:11:46+00:00| seen| https://t.me/cibsecurity/71551...

com.abavilla:fpi-bot-api (>=1.6.0 <=1.6.2), com.abavilla:fpi-bot-api-parent (>=1.6.0 <=1.6.2) +136 more potentially affected by CVE-2023-1584 via io.quarkus:quarkus-oidc (>=3.0.0.Alpha1 <=3.1.0.CR1)

io.quarkus:quarkus-oidc MAVEN version =3.0.0.Alpha1, =1.6.0, =1.6.0, =1.8.0, =1.8.0, =1.6.0, =1.6.0, =1.8.0, =1.8.0, =1.0.25, =1.0.25, =1.5.0, =1.5.0, =1.3.1, =1.3.1, =1.3.4, =1.3.6 and more Source cves: CVE-2023-1584 Source advisory: OSV:GHSA-6HC9-CF8X-HF83...

CVE-2023-1584

CVE-2023-1584 affects Quarkus OIDC, where the authorizationCode flow can leak both ID and access tokens if HTTP is insecure. This exposes sensitive user data from the IDToken or via the access token to OIDC provider services. Related disclosures cite Red Hat advisory RHSA-2023:7653, GHSA-6HC9-CF8...

AlmaLinux 8 : kernel-rt (ALSA-2023:1584)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:1584 advisory. - A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress using...

Cisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation (CVE-2021-1584)

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command...

Rocky Linux 8 : kernel-rt (RLSA-2023:1584)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1584 advisory. - A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress usi...

RHEL 8 : kernel-rt (RHSA-2023:1584)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1584 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...