96 matches found
CGA-3583-42P3-7WQ2
Bulletin has no description...
RHSA-2024:3583
| creationtimestamp | type | source |
|---|---|---|
| 2025-08-30 08:22:52+00:00 | seen | Telegram/mvZ8NgsrRYGJqSXeB5hg9rgVW-S0L1quSgwaG7p9hO2SM4Y |
| 2025-10-24 12:48:06+00:00 | seen | Telegram/BtAZttkW3tMUhy9LhULplNpp4G9yhOARIInV6G962lOs5w... |
CLSA-2025-1748451788 Fix CVE(s): CVE-2021-3583
SECURITY UPDATE: template Injection Vulnerability - debian/patches/CVE-2021-3583.patch: fix unsafe preservation across newlines to ensure always having unsafe - CVE-2021-3583...
WordPress Newsletter plugin < 8.7.1 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Newsletter versions 8.7.1...
CVE-2025-3583
| creationtimestamp | type | source |
|---|---|---|
| 2025-05-05 06:18:39+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/14838 |
| 2025-05-05 10:01:24+00:00 | seen | https://t.me/cvedetector/24441 |
| 2025-05-05 10:21:10+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3log5hwzg732p... |
CVE-2025-3583 Newsletter < 8.7.1 - Admin+ Stored XSS
The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
Debian dla-3695 : ansible - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3695 advisory. Debian LTS Advisory DLA-3695-2 https://www.debian.org/lts/security/...
CGA-95MF-G4G5-3583
Bulletin has no description...
CVE-2024-3583
The Simple Like Page Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-3583 Simple Like Page Plugin <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Simple Like Page Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress Simple Like Page Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)
Software: Simple Like Page | Type: Plugin | Vulnerable versions: <= 1.5.2 | Fixed in: 1.5.3 | OWASP Top 10: A7: Cross-Site Scripting (XSS) | Classification: Cross Site Scripting (XSS) | CVE: CVE-2024-3583 | Patch priority: Low | CVSS severity: Low 6.5 | PSID: d29033c851e5 | Credits: Krzysztof Zając | Require...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data has migrated to a new base image for the Operators used by our Speech Services. The following vulnerabilities...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : Ansible vulnerabilities (USN-5315-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5315-1 advisory. It was discovered that Ansible did not properly manage directory permissions when running playbooks with an...
Amazon Linux 2 : ansible (ALASANSIBLE2-2023-001)
The version of ansible installed on the remote host is prior to 2.9.23-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ANSIBLE2-2023-001 advisory. A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through...
Oracle Linux 6 : glibc (ELSA-2017-3583)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-3583 advisory. 2.12-1.209.0.3.2 - backport rh patch 1047983 from OL7, Orabug 25407655 2.12-1.209.2 - Avoid large allocas in the dynamic linker 1452711 Tenable has extracted th...
Oracle Linux 8 : yum (ELSA-2019-3583)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3583 advisory. createrepo_c 0.11.0-3 - Backport patch to switch off timestamps on documentation in order to remove file conflicts RhBug:1738788 0.11.0-2 - Consistently...
CVE-2023-41052
Vyper is a Pythonic Smart Contract Language. In affected versions the order of evaluation of the arguments of the builtin functions uint256_addmod, uint256_mulmod, ecadd and ecmul does not follow source order. This behaviour is problematic when the evaluation of one of the arguments produces side...
PYSEC-2023-168
Vyper is a Pythonic Smart Contract Language. In affected versions the order of evaluation of the arguments of the builtin functions uint256_addmod, uint256_mulmod, ecadd and ecmul does not follow source order. This behaviour is problematic when the evaluation of one of the arguments produces side...