SUSE SLED15 / SLES15 / openSUSE 15 Security Update : webkit2gtk3 (SUSE-SU-2026:1364-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1364-1 advisory. Update to version 2.52.0. Security issues fixed: - CVE-2023-43010: processing maliciously crafte...

CVE-2025-31277

creationtimestamp| type| source ---|---|--- 2025-08-26 08:16:53+00:00| seen| https://vulnerability.circl.lu/bundle/c1aa3b44-ae54-436b-b3c3-a88194ecb70e 2026-03-18 15:22:35+00:00| exploited| https://t.me/truesecator/8007 2026-03-19 21:02:58+00:00| seen|...

CVE-2025-31277

A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4: evolution-data-server,...

CVE-2025-31277

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption...

CVE-2025-31277

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption...

CVE-2025-31277

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption...

CVE-2025-31277

CVE-2025-31277 affects Apple Web content handling (Safari and related OS components). Root cause: memory handling flaw that may trigger memory corruption when processing maliciously crafted web content. Affected/affected-by: Safari 18.6; watchOS 11.6; visionOS 2.6; iOS 18.6; iPadOS 18.6; macOS Se...

CVE-2024-31277

CVE-2024-31277 affects PickPlugins Product Designer (WordPress plugin) up to version 1.0.32. Root cause: Deserialization of untrusted data leading to unauthenticated PHP Object Injection. Impact: potential compromise of data integrity and confidentiality as indicated by CVSS, with unauthenticated...

CVE-2024-31277 WordPress Product Designer plugin <= 1.0.32 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue affects Product Designer: from n/a through 1.0.32...

WordPress Product Designer Plugin <= 1.0.32 is vulnerable to PHP Object Injection

Software Product Designer Type Plugin Vulnerable versions = 1.0.32 Fixed in 1.0.33 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-31277 Patch priority High CVSS severity High 8.7 Developer Claim ownership PSID c28d30a48452 Credits Yudistira Arya Required privilege...

CVE-2023-31277

creationtimestamp| type| source ---|---|--- 2023-07-07 02:25:42+00:00| seen| https://t.me/cibsecurity/66169...

CVE-2023-31277

PiiGAB M-Bus transmits credentials in plaintext format...

CVE-2023-31277

CVE-2023-31277 corresponds to PiiGAB M-Bus vulnerability: Unprotected Transport of Credentials due to plaintext transmission in the M-Bus SoftwarePack 900S. Impacted product: PiiGAB M-Bus (M-Bus SoftwarePack 900S). Root cause: credentials transmitted in clear text over the network, enabling poten...

CVE-2023-31277 PiiGAB M-Bus Unprotected Transport of Credentials

PiiGAB M-Bus transmits credentials in plaintext format...

CVE-2023-31277 PiiGAB M-Bus Unprotected Transport of Credentials

PiiGAB M-Bus transmits credentials in plaintext format...

CVE-2022-31277

creationtimestamp| type| source ---|---|--- 2022-06-16 18:26:29+00:00| seen| https://t.me/cibsecurity/44625...