Security update for python-pyOpenSSL

This update for python-pyOpenSSL fixes the following issue Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15.4 zypper in -t patch...

CVE-2020-2261

creationtimestamp| type| source ---|---|--- 2025-08-18 21:02:43+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lwpcboh4mt2n...

CVE-2023-2261

The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handleajaxcall function in versions up to, and including, 4.5.0. This makes it possible for authenticated attackers, with subscriber-level access or higher, to obtain a list of...

CVE-2022-2261

The WPIDE WordPress plugin before 3.0 does not sanitize and validate the filename parameter before using it in a require statement in the admin dashboard, leading to a Local File Inclusion issue...

CVE-2019-2261

Unauthorized access from GPU subsystem to HLOS or other non secure subsystem memory can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...

CVE-2025-2261

creationtimestamp| type| source ---|---|--- 2025-05-21 21:52:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lppllfmhot2t...

CVE-2025-2261

CVE-2025-2261 is a Stored XSS in TIBCO ActiveMatrix Administrator affecting TIBCO BPM Enterprise. The vulnerability arises when user input is stored in a data store and later rendered without proper filtering, allowing malicious data to appear as part of the website and run in a user’s browser wi...

openSUSE Security Advisory (SUSE-SU-2024:2261-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : postgresql15 (SUSE-SU-2024:2261-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2261-1 advisory. - Upgrade to 15.7. bsc1224051 - CVE-2024-4317: Restrict visibility of pgstatsext and pgstatsextexprs entries to the table owne...

CVE-2024-2261

The Event Tickets and Registration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.8.2 via the RSVP functionality. This makes it possible for authenticated attackers, with contributor access and above, to extract sensitive data includin...

CVE-2024-2261 Event Tickets and Registration <= 5.8.2 - Improper Authorization to Information Disclosure

The Event Tickets and Registration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.8.2 via the RSVP functionality. This makes it possible for authenticated attackers, with contributor access and above, to extract sensitive data includin...

WordPress Event Tickets Plugin <= 5.8.2 is vulnerable to Broken Access Control

Software Event Tickets Type Plugin Vulnerable versions = 5.8.2 Fixed in 5.8.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-2261 Patch priority Low CVSS severity Low 4.3 Developer Liquid Web / StellarWP PSID 4127cd4a2b13 Credits Tim Coen Required privile...

Amazon Linux 2 : ghostscript (ALAS-2023-2261)

The version of ghostscript installed on the remote host is prior to 9.25-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2261 advisory. A buffer overflow vulnerability in pcxwriterle in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remo...

WordPress WP Activity Log Plugin < 4.5.2 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpwhitesecurity:wpactivitylog"; ifdescription...

WordPress WP Activity Log Plugin < 4.5.2 is vulnerable to Sensitive Data Exposure

Software WP Activity Log Type Plugin Vulnerable versions 4.5.2 Fixed in 4.5.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-2261 Patch priority Medium CVSS severity Medium 4.3 Developer Melapress PSID 40c85e58b056 Credits Marco Wotschka Required...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : terraform-provider-null (SUSE-SU-2023:2261-2)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2261-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's...

CVE-2023-2261

The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handleajaxcall function in versions up to, and including, 4.5.0. This makes it possible for authenticated attackers, with subscriber-level access or higher, to obtain a list of...

CVE-2023-2261 WP Activity Log <= 4.5.0 - Missing Capabilities Check to User Enumeration

The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handleajaxcall function in versions up to, and including, 4.5.0. This makes it possible for authenticated attackers, with subscriber-level access or higher, to obtain a list of...

CVE-2023-2261

CVE-2023-2261 ffects the WordPress plugin WP Activity Log. The vulnerability is an authorization bypass caused by a missing capability check in the handle_ajax_call function, exposed in versions up to and including 4.5.0. This allows authenticated users with subscriber-level access or higher to e...

Oracle Linux 9 : bind (ELSA-2023-2261)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2261 advisory. - Handle subtle difference between upstream and rhel CVE-2022-3094 - Prevent flooding with UPDATE requests CVE-2022-3094 - Handle RRSIG queries when...