21 matches found
279map-backend-common (>=0.1.2 <=0.33.1), @112dev/phunt-cli (>=1.0.0-beta.0 <=1.0.0-beta.2) +102 more potentially affected by CVE-2026-8814 via exifreader (>=4.13.2 <=4.38.1)
exifreader NPM version =4.13.2, =0.1.2, =1.0.0-beta.0, =1.0.0-beta.0, =0.0.5, =0.1.0, =1.0.1, =0.1.0, =0.10.0, =1.18.1, =1.0.2, =2.0.0, =0.1.0, =0.1.0-rc2 and more Source cves: CVE-2026-8814 Source advisory: SNYK:JS-EXIFREADER-16689340...
WordPress Ajax Search Lite plugin <= 4.13.1 - Missing Authorization to Unauthenticated Basic Information Exposure via ASL_Query in AJAX Search Handler vulnerability
Missing Authorization to Unauthenticated Basic Information Exposure via ASL_Query in AJAX Search Handler vulnerability discovered by stealthcopter in WordPress Plugin Ajax Search Lite versions <= 4.13.1...
Linux Distros Unpatched Vulnerability : CVE-2017-14340
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local...
CVE-2023-50882
Missing Authorization vulnerability in ProfilePress Membership Team ProfilePress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ProfilePress: from n/a through 4.13.2...
RHSA-2023:3366 Red Hat Security Advisory: OpenShift Container Platform 4.13.2 packages and security update
Bulletin has no description...
PT-2023-29132 · WordPress · Profilepress
Name of the Vulnerable Software and Affected Versions: ProfilePress Membership Team Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress versions n/a through 4.13.2 Description: The issue is related to the exposure of sensitive informati...
Security Bulletin: Addressing the Security vulnerability CVE-2020-15250 found in junit-4.10.jar and its previous versions as part of ITCAM for Transactions
Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following junit-4.10.jar vulnerability and updated junit.jar from version 4.4 to 4.13.2 Vulnerability Details CVEID:CVE-2020-15250 DESCRIPTION: JUnit4 could allow a local attacker to...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.2 packages and security update
Red Hat OpenShift Container Platform release 4.13.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
Contao 4.13.2 Cross Site Scripting
Exploit Title: Contao 4.13.2 - Cross-Site Scripting XSS Google Dork: NA Date: 04/28/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://contao.org/en/ Software Link: https://github.com/contao/contao/releases/tag/4.13.2 Version: 4.13.2 Tested on: KALI OS CVE : CVE-2022-15...
Contao 4.13.2 - Cross-Site Scripting (XSS)
Exploit Title: Contao 4.13.2 - Cross-Site Scripting XSS Google Dork: NA Date: 04/28/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://contao.org/en/ Software Link: https://github.com/contao/contao/releases/tag/4.13.2 Version: 4.13.2 Tested on: KALI OS CVE : CVE-2022-15...
GHSA-JWH2-FFG4-48XC Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...
Cross site scripting via canonical URL
Date : 2022-05-05 CVE ID : CVE-2022-24899 Description Untrusted users can inject malicious code into the canonical tag, which is then executed on the web page front end. Affected versions Contao 4.13 up to 4.13.2 Suggested solution Update to Contao 4.13.3. Workaround Disable canonical tags in the...
CVE-2021-20218
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threat from this vulnerability is to integrity and...
SUSE-SU-2021:0185-1 Security update for samba
This update for samba fixes the following issues: - Update to 4.13.3 + libcli: smb2: Never print length if smb2_signing_key_valid() fails for crypto blob; (bso#14210); + s3: modules: gluster. Fix the error I made in preventing talloc leaks from a function; (bso#14486); + s3: smbd: Don't overwrite contents o...
openSUSE Security Update : xen (openSUSE-2020-2017)
This update for xen fixes the following issues: Security issue fixed: - CVE-2020-28368: Fixed the Intel RAPL sidechannel attack, aka PLATYPUS attack, aka XSA-351 (bsc#1178591). Non-security issues fixed: - Updated to Xen 4.13.2 bug fix release (bsc#1027519). - Fixed a panic during MSI cleanup on AMD...
Security update for xen (important)
openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2020:2017-1 Rating: important References: 1027519 1177950 1178591 Cross-References: CVE-2020-28368 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has two fixes is now available...
[SECURITY] Fedora 32 Update: xen-4.13.2-2.fc32
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
SUSE-SU-2020:3412-1 Security update for xen
This update for xen fixes the following issues: Security issue fixed: - CVE-2020-28368: Fixed the Intel RAPL sidechannel attack, aka PLATYPUS attack, aka XSA-351 (bsc#1178591). Non-security issues fixed: - Updated to Xen 4.13.2 bug fix release (bsc#1027519). - Fixed a panic during MSI cleanup on AMD...
[SECURITY] Fedora 32 Update: xen-4.13.2-1.fc32
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
Malicious Package in epress
Version 4.13.2 of epress contains malicious code. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. Upon require the package attempts to start a cryptocurrency miner using coin-hive. Recommendation Remove the package from you...