SUSE-SU-2026:0806-1 Security update for wicked2nm,suse-migration-services,suse-migration-sle16-activation,SLES16-Migration,SLES16-SAP_Migration

This update for wicked2nm,suse-migration-services,suse-migration-sle16-activation,SLES16-Migration,SLES16-SAPMigration fixes the following issues: Changes for SLES16-SAPMigration: - Bump version: 2.1.30 Changes for SLES16-Migration: - Bump version: 2.1.30 Changes for...

WordPress Blocksy plugin <= 2.1.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via `blocksy_meta` Fields vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via blocksymeta Fields vulnerability discovered by Quốc Huy jtwings - Puramu in WordPress Theme Blocksy versions = 2.1.30...

CVE-2026-2583

The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the blocksymeta metadata fields in all versions up to, and including, 2.1.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acce...

CVE-2026-2583

The CVE describes a Stored Cross-Site Scripting issue in the Blocksy theme for WordPress, affecting versions up to 2.1.30. The vulnerability arises from insufficient input sanitization and output escaping in the blocksy_meta fields, allowing authenticated attackers with Contributor-level access a...

PT-2026-22705

Name of the Vulnerable Software and Affected Versions Blocksy theme for WordPress versions up to and including 2.1.30 Description The Blocksy theme for WordPress is susceptible to Stored Cross-Site Scripting through the blocksy meta metadata fields. Insufficient input sanitization and output...

WordPress plugin Blocksy 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2023-26917

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lyspstmtvalidatevalue at lysparsemem.c...

DEBIAN-CVE-2023-26917

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lyspstmtvalidatevalue at lysparsemem.c...

libyang 代码问题漏洞

libyang is a YANG data modeling language parser and toolkit written in C. A security vulnerability exists in libyang versions v2.0.164 through v2.1.30, which stems from the discovery of a NULL pointer dereference vulnerability via the function lysstmtvalidatevalue in lysparsemem.c that contains a...

PT-2023-20845

Name of the Vulnerable Software and Affected Versions: libyang versions 2.0.164 through 2.1.30 Description: The issue is related to a NULL pointer dereference in the function lysp stmt validate value at lys parse mem.c. This problem can be triggered, potentially leading to unintended behavior or...

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.

...

SUSE CVE-2023-26916

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysparsemem at lysparsemem.c...

AZL-25966 CVE-2023-26916 affecting package libyang for versions less than 2.1.55-1

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysparsemem at lysparsemem.c...

DEBIAN-CVE-2023-26916

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysparsemem at lysparsemem.c...

libyang 代码问题漏洞

libyang is a YANG data modeling language parser and toolkit written in C. A security vulnerability exists in libyang versions v2.0.164 through v2.1.30, which stems from a NULL pointer dereference in the function lysparsemem in lysparsemem.c. The vulnerability is caused by a NULL pointer dereferen...

Code injection

GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type, and a web browser may perform MIME sniffing,...

PT-2020-3649 · Gnu +6 · Gnu Mailman +6

Name of the Vulnerable Software and Affected Versions: GNU Mailman versions 2.x through 2.1.29 GNU Mailman version 2.1.30 is not affected, but all versions prior to 2.1.30 are vulnerable. Description: The issue is related to the handling of MIME parts in GNU Mailman, which may contribute to...