[SECURITY] [DLA 4358-1] wordpress security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-4358-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 02, 2025 https://wiki.debian.org/LTS -...

EUVD-2022-6240

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2016-8286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security...

Linux Distros Unpatched Vulnerability : CVE-2016-5507

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to...

CVE-2022-31148

Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting XSS vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...

WordPress Email Subscribers by Icegram Express 5.7.14 SQL Injection

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress and WooCommerce plugin for WordPress is vulnerable to SQL Injection via the run function of the IGESSubscribersQuery class in all versions up to, and including, 5.7.14 due to insufficient escaping on...

WordPress Email Subscribers & Newsletters Plugin <= 5.7.13 is vulnerable to Broken Access Control

Software Email Subscribers & Newsletters Type Plugin Vulnerable versions = 5.7.13 Fixed in 5.7.14 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31352 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1e92fe5167c9 Credits Mika Requir...

K13201415: MySQL vulnerability CVE-2016-5616

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: MyISAM. CVE-2016-5616 Impact There is no impact; F5...

SUSE CVE-2016-8286

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges...

CVE-2022-31148

Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting XSS vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...

Cross site scripting

Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting XSS vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...

CVE-2022-31148 Persistent cross site scripting in customer module in Shopware

Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting XSS vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...

CVE-2022-31148

CVE-2022-31148 concerns Shopware, an open‑source e‑commerce platform. A persistent cross‑site scripting (XSS) vulnerability exists in the customer module for versions from 5.7.0 , enabling an attacker to inject scripts that persist across sessions. The issue stems from insufficient input validati...

Shopware vulnerable to persistent cross site scripting (XSS) in customer module

Impact Persistent XSS in customer module Patches We recommend updating to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via the download overview. For older versions you can use the Security Plugin:...

PT-2022-20563 · Shopware · Shopware

Name of the Vulnerable Software and Affected Versions: Shopware versions 5.7.0 through 5.7.13 Description: A persistent cross-site scripting XSS issue exists in the customer module. This allows for malicious scripts to be executed in the context of the user's session. Users are recommended to...

mysql: unspecified vulnerability in subcomponent: Server: GIS (CPU October 2016)

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS...

mysql: unspecified vulnerability in subcomponent: Server: Types (CPU October 2016)

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types...

mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU October 2016)

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer...

mysql: unspecified vulnerability in subcomponent: Server: Federated (CPU October 2016)

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated...

CVE-2016-8286

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges...