Security update for glibc-livepatches

This update for glibc-livepatches fixes the following issue: Security fixes: CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261209. Other fixes: Fix problems with livepatches targeting libc-2.31.so instead of libc.so.6 in 15.4 bsc1263035...

CVE-2026-25032

CVE-2026-25032 affects WordPress Ricky theme versions prior to 2.31. The issue is a Deserialization of Untrusted Data vulnerability that allows PHP Object Injection via the Ricky theme’s deserialization path. Current sources describe the affected component as the Ricky WordPress theme and indicat...

CVE-2026-25032 WordPress Ricky theme < 2.31 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in parkofideas Ricky ricky allows Object Injection.This issue affects Ricky: from n/a through 2.31...

WordPress plugin Ricky 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

PT-2026-27891

Name of the Vulnerable Software and Affected Versions Ricky versions prior to 2.31 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. Recommendations Update to version 2.31 or later...

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the media upload functionality. An attacker can execute arbitrary code on the server by uploading a specially crafted PHP file after authenticating. Remediation Upgrade dotclear/dotclear to version 2.31 or...

EUVD-2021-1690

Malware in sbrugna...

CVE-2025-52543

CVE-2025-52543 affects E3 Site Supervisor Control (firmware versions prior to 2.31F01) and its application services MGW/RCI. The root cause is use of client-side hashing for authentication, enabling an attacker to authenticate by obtaining only a password hash. Public references consistently desc...

Linux Distros Unpatched Vulnerability : CVE-2018-17359

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. An invalid memory access exists in bfdzalloc ...

CVE-2021-38713

imgURL 2.31 allows XSS via an X-Forwarded-For HTTP header...

Debian: Security Advisory (DLA-4143-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress plugin Pure Chat – Live Chat & More! 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

CVE-2023-49835

Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Duplicator: from n/a through 2.31...

WordPress plugin Post Duplicator 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-46453

A cross-site scripting XSS vulnerability in the component /test/ of iq3xcite v2.31 to v3.05 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

Trend IQ3xcite 安全漏洞

Trend Micro Trend IQ3xcite is a building management system controller from Trend Micro that uses Ethernet and TCP/IP networking technologies. A security vulnerability exists in Trend IQ3xcite versions v2.31 through v3.05 that stems from vulnerability to a cross-site scripting attack that allows a...

CVE-2024-29967

In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files. The vulnerability could allow a sudo privileged user on the host OS to read and write access to...

SUSE CVE-2018-17359

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. An invalid memory access exists in bfdzalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service application crash via a crafted ELF file...

SUSE CVE-2018-18484

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplusdemangletype, dbarefunctiontype,...

SUSE CVE-2018-18605

A heap-based buffer over-read issue was discovered in the function secmergehashlookup in merge.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31, because bfdaddmergesection mishandles section merges when size is not a multiple of entsize. A specially...