76 matches found
MiracleLinux 4 : thunderbird-68.4.1-2.AXS4 (AXSA:2020-4431:01)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4431:01 advisory. Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement CVE-2019-17026 Mozilla: Bypass of @namespace CSS sanitization durin...
DLA-4431-1 gimp - security update
Bulletin has no description...
CVE-2025-4431
The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fip_save_attach_featured function in all versions up to, and including, 1.6.4. This makes it possible for authenticated attackers...
CVE-2025-4431
creationtimestamp | type | source
---|---|---
2025-05-30 08:06:46+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqerjtggsat2
2025-05-30 12:02:13+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lqf6rnj6qd2s...
CVE-2025-4431
CVE-2025-4431 affects the WordPress plugin Featured Image Plus – Quick & Bulk Edit with Unsplash. The root cause is a missing capability check in the function fip_save_attach_featured, enabling unauthorised modification of post featured images by authenticated users with Subscriber-level access ...
CVE-2025-4431 Featured Image Plus <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Featured Image Update
The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fip_save_attach_featured function in all versions up to, and including, 1.6.4. This makes it possible for authenticated attackers...
WordPress Featured Image Plus plugin <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Featured Image Update vulnerability
Missing Authorization to Authenticated (Subscriber+) Featured Image Update vulnerability discovered by Kishan Vyas in WordPress Plugin Featured Image Plus versions <= 1.6.4...
CVE-2022-4431
The WOOCS WordPress plugin before 1.3.9.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege user...
CVE-2018-4431
A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2...
CVE-2022-4431
creationtimestamp | type | source
---|---|---
2025-04-04 20:36:21+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/10547...
RHEL 9 : libreswan (RHSA-2024:4431)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4431 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...
WordPress LA-Studio Element Kit for Elementor Plugin <= 1.3.7.6 is vulnerable to Cross Site Scripting (XSS)
Software: LA-Studio Element Kit for Elementor. Type: Plugin. Vulnerable versions: <= 1.3.7.6. Fixed in: 1.3.8. OWASP Top 10: A7: Cross-Site Scripting (XSS). Classification: Cross Site Scripting (XSS). CVE: CVE-2024-4431. Patch priority: Low. CVSS severity: Low (6.5). Developer: Claim ownership. PSID: 3ba3d7e916c9. Credits...
openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0237-1)
The remote host is missing an update for the...
CVE-2021-4431
The CVE-2021-4431 issue affects msyk FMDataAPI up to version 22, specifically FMDataAPI_Sample.php, where an unknown function manipulation leads to Cross-Site Scripting (XSS). The vulnerability can be exploited remotely, and upgrading to version 23 addresses the issue (patch 3bd1709a8f7b1720529bf...
Fedora: Security Advisory for chromium (FEDORA-2023-b427f54e68)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2023-d79ff22c5b)
The remote host is missing an update for the...
MGASA-2023-0256 Updated chromium-browser-stable packages fix security vulnerability
The chromium-browser-stable package has been updated to the 116.0.5845.140 release, fixing 5 vulnerabilities. High CVE-2023-4430: Use after free in Vulkan. Reported by Cassidy Kim@cassidy6564 on 2023-08-02 High CVE-2023-4429: Use after free in Loader. Reported by Anonymous on 2023-08-03 High...
Oracle Linux 8 : kernel (ELSA-2020-4431)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4431 advisory. - [fs] xfs: fix boundary test in xfs_attr_shortform_verify (Eric Sandeen) [1875316] {CVE-2020-14385} - [net] packet: fix overflow in tpacket_rcv (Hangbin Liu) [1876224]...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2023:0237-1 Rating: important References: 1214487 Cross-References: CVE-2023-4427 CVE-2023-4428 CVE-2023-4429 CVE-2023-4430 CVE-2023-4431 CVSS scores: CVE-2023-4428 NVD : 8.1...