23 matches found
OPENSUSE-SU-2026:10001-1 dirmngr-2.5.16-1.1 on GA media
These are all security issues fixed in the dirmngr-2.5.16-1.1 package on the GA media of openSUSE Tumbleweed...
Slackware Linux 15.0 / current gnupg2 Multiple Vulnerabilities (SSA:2025-364-01)
The version of gnupg2 installed on the remote host is prior to 2.2.52 / 2.5.16. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-364-01 advisory. New gnupg2 packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...
CVE-2021-32789
woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be...
SUSE CVE-2018-1327
The Apache Struts REST Plugin uses the XStream library, which is vulnerable and allows a DoS attack to be performed using a malicious request with a specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...
PT-2022-4713
Name of the Vulnerable Software and Affected Versions: SUSE Rancher versions prior to 2.6.7; SUSE Rancher versions prior to 2.5.16. Description: The issue is related to an Improper Authorization vulnerability in SUSE Rancher. It allows any user with permissions to create or edit cluster role template...
Rancher Labs Rancher Security Vulnerability
Rancher Labs Rancher is an open source enterprise container management platform from Rancher Labs, Inc. in the United States. A security vulnerability exists in Rancher for SUSE prior to version 2.6.7 and Rancher Labs Rancher prior to version 2.5.16, which stems from an improper authorization...
PT-2022-4760 · Suse · Suse Rancher
Name of the Vulnerable Software and Affected Versions: SUSE Rancher versions prior to 2.5.16; SUSE Rancher versions prior to 2.6.7. Description: The issue is related to the cleartext storage of sensitive information in SUSE Rancher, allowing authenticated users to retrieve plaintext versions of...
WordPress WooCommerce Blocks plugin SQL injection vulnerability
WordPress is a blogging platform from the WordPress Foundation, developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. The WooCommerce Blocks plugin is an open source WordPress application plugin. WooCommerce Blocks feature plugin version...
CVE-2021-32789
woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be...
CVE-2021-32789 Arbitrary SQL (SQL injection) possible via the Store API component.
woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be...
WordPress SQL Injection Vulnerability
WordPress is a blogging platform from the WordPress Foundation, developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. The WooCommerce Blocks plugin is an open source WordPress application plugin. WooCommerce Blocks feature plugin version...
GHSA-38CR-2PH5-FRR9 Apache Struts REST Plugin can potentially allow a DoS attack
The Apache Struts REST Plugin uses the XStream library, which is vulnerable and allows a DoS attack to be performed using a malicious request with a specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...
Apache Struts REST Plugin can potentially allow a DoS attack
The Apache Struts REST Plugin uses the XStream library, which is vulnerable and allows a DoS attack to be performed using a malicious request with a specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...
Apache Struts 2.x Remote Code Execution Vulnerability
Man Yue Mo from the Semmle Security Research team noticed that Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible remote code execution vulnerabilities. CVEID: CVE-2018-11776 PRODUCT: Apache Struts VERSION: Apache Struts 2.3 to 2.3.34 and 2.5 to 2.5.16 PROBLEMTYPE: Remote Cod...
Read: Apache Struts Patches ‘Critical Vulnerability’ CVE-2018-11776
On August 22, Apache Struts released a security patch fixing a critical remote code execution vulnerability. This vulnerability has been assigned CVE-2018-11776 (S2-057) and affects Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16. The vulnerability was responsibly disclosed by Man Yue Mo fro...
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (set either by the user or by a plugin like the Convention Plugin) and then: results are used with no namespace and, at the same time, their upper package has no or a wildcard namespace...
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (set either by the user or by a plugin like the Convention Plugin) and then: results are used with no namespace and, at the same time, their upper package has no or a wildcard namespace...
Apache Struts Security Update (S2-056)
Apache Struts is prone to a denial of service (DoS) vulnerability. Copyright (C) 2018 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free...
CVE-2018-1327
The Apache Struts REST Plugin uses the XStream library, which is vulnerable and allows a DoS attack to be performed using a malicious request with a specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...
Design/Logic Flaw
The Apache Struts REST Plugin uses the XStream library, which is vulnerable and allows a DoS attack to be performed using a malicious request with a specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...