python39-3.9.24-2.1 on GA media (moderate)

python39-3.9.24-2.1 on GA media Announcement ID: openSUSE-SU-2025:15792-1 Rating: moderate Cross-References: CVE-2025-6075 CVE-2025-8291 CVSS scores: CVE-2025-6075 SUSE : 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-6075 SUSE : 1.8...

OPENSUSE-SU-2025:15792-1 python39-3.9.24-2.1 on GA media

These are all security issues fixed in the python39-3.9.24-2.1 package on the GA media of openSUSE Tumbleweed...

openSUSE 15 Security Update : python39 (SUSE-SU-2025:4221-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4221-1 advisory. Updated to 3.9.24: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 - CVE-2025-8291: Fixed validit...

Fedora 43 : python3.9 (2025-cf4edeb201)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-cf4edeb201 advisory. Update to Python 3.9.24 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Fedora: Security Advisory (FEDORA-2025-1995db5517)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : python3.9 (2025-9b7f0b545c)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-9b7f0b545c advisory. Update to Python 3.9.24 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

BIT-JOOMLA-2021-23126 [20210301] - Core - Insecure randomness within 2FA secret generation

An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand function within the process of generating the 2FA secret...

PT-2023-29283 · WordPress · Locatoraid Store Locator

Name of the Vulnerable Software and Affected Versions: Locatoraid Store Locator WordPress plugin versions prior to 3.9.24 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because the lpr-search parameter is not properly sanitised and escaped before being...

Joomla! 1.6.0 - 3.9.24 ACL Vulnerability

Joomla! is prone to an ACL violation vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla"; ifdescription...

Joomla! path traversal vulnerability (CNVD-2021-16936)

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A path traversal vulnerability exists in Joomla! 3.0.0 - 3.9.24. An attacker can...

Joomla! 3.2.0 - 3.9.24 Multiple Vulnerabilities

Joomla! is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla"; ifdescription...

Input validation

An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input validation within the template manager...

PT-2021-15381 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 3.2.0 through 3.9.24 Description: An issue was discovered in the usage of the insecure rand function within the process of generating the 2FA secret. Recommendations: For versions 3.2.0 through 3.9.24, consider updating to a...

PT-2021-15387 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 3.0.0 through 3.9.24 Description: An issue was discovered in the com media component, which allowed paths that are not intended for image uploads. Recommendations: For Joomla! versions 3.0.0 through 3.9.24, consider restricti...

PT-2021-16920 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 3.0.0 through 3.9.24 Description: An issue was discovered where incorrect ACL checks could allow unauthorized change of the category for an article. Recommendations: For Joomla! versions 3.0.0 through 3.9.24, update to a...

PT-2021-16922 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 1.6.0 through 3.9.24 Description: An issue was discovered in Joomla! where inadequate filtering of form contents could allow the overwrite of the author field. Recommendations: For Joomla! versions 1.6.0 through 3.9.24, updat...

PT-2021-16921 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 3.0.0 through 3.9.24 Description: An issue was discovered where extracting a specifically crafted zip package could write files outside of the intended path. Recommendations: For Joomla! versions 3.0.0 through 3.9.24, update ...

PT-2021-15384 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 2.5.0 through 3.9.24 Description: An issue was discovered that could lead to xss issues due to missing filtering of messages shown to users. Recommendations: For Joomla! versions 2.5.0 through 3.9.24, update to a version that...

Joomla 输入验证错误漏洞

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A vulnerability exists in Joomla! 3.2.0 - 3.9.24 where the template manager lacks...

Joomla 跨站脚本漏洞

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A cross-site scripting vulnerability exists in Joomla! 2.5.0 - 3.9.24. The...