Fedora 42 : wordpress (2026-675dd9b166)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-675dd9b166 advisory. Upstream announcements: - WordPress 6.9.2 Release - WordPress 6.9.3 and 7.0 beta 4 - WordPress 6.9.4 Release Tenable has extracted the preceding description...

qtsvg: Multiple Vulnerabilities

Background qtsvg is a SVG rendering library for the Qt framework. Description Multiple vulnerabilities have been discovered in qtsvg. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

EUVD-2018-13620

Malware in sbrugna...

CVE-2024-43331

Missing Authorization vulnerability in VeronaLabs WP SMS.This issue affects WP SMS: from n/a through 6.9.3...

CVE-2024-43331

Missing Authorization vulnerability in VeronaLabs WP SMS.This issue affects WP SMS: from n/a through 6.9.3...

PT-2024-30499 · Veronalabs · Veronalabs Wp Sms

Name of the Vulnerable Software and Affected Versions: VeronaLabs WP SMS versions 6.9.3 and earlier Description: A Missing Authorization vulnerability has been identified in VeronaLabs WP SMS. This issue allows for unauthorized access. Recommendations: For versions 6.9.3 and earlier, update to a...

PT-2023-31583 · WordPress · Super Store Finder

Name of the Vulnerable Software and Affected Versions: Super Store Finder plugin for WordPress versions up to, and including, 6.9.3 Description: The issue is related to insufficient restrictions on the sendMail.php file, allowing direct access and enabling unauthenticated attackers to send emails...

oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c

Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c...

CVE-2018-21159

NETGEAR ReadyNAS devices before 6.9.3 are affected by incorrect configuration of security settings...

NETGEAR ReadyNAS OS Cross-Site Request Forgery Vulnerability

NETGEAR ReadyNAS OS is a set of operating systems for ReadyNAS network-attached storage devices from NETGEAR. A cross-site request forgery vulnerability exists in NETGEAR ReadyNAS OS 6 using firmware versions prior to 6.9.3. The vulnerability stems from a WEB application that does not adequately...

Cross site request forgery (csrf)

NETGEAR ReadyNAS devices before 6.9.3 are affected by CSRF...

CVE-2018-21160

NETGEAR ReadyNAS devices before 6.9.3 are affected by CSRF...

CVE-2018-21160

NETGEAR ReadyNAS devices running ReadyNAS OS prior to 6.9.3 are affected by a Cross-Site Request Forgery (CSRF) vulnerability. Root cause details are not provided beyond the CSRF label in the sources. Remediation: upgrade to ReadyNAS OS 6.9.3 or later as indicated by resmi advisories. If you need...

PT-2019-5896 · Oniguruma +7 · Oniguruma +7

Name of the Vulnerable Software and Affected Versions: Oniguruma versions prior to 6.9.3 Description: The issue is related to uncontrolled recursion in the Oniguruma library for regular expressions. This can lead to a stack exhaustion, potentially allowing a remote attacker to cause a denial of...

SSRF via WebDAV endpoint - CVE-2019-3395

There was an SSRF vulnerability in Confluence Server and Data Center in the WebDAV plugin. A remote attacker is able to exploit this issue to send arbitrary HTTP and WebDAV requests from a Confluence Server instance. Affected versions: All versions of Confluence Server and Confluence Data Center...

ROOT Remote Code Execution Vulnerability

ROOT is a data processing system written in C++. The system can query databases in parallel on workstations or clusters of multi-core machines. rootd daemon is one of the daemons. A remote code execution vulnerability exists in the rootd daemon in ROOT 6.9.03 and earlier. An attacker can exploit...

UBUNTU-CVE-2016-3714

The 1 EPHEMERAL, 2 HTTPS, 3 MVG, 4 MSL, 5 TEXT, 6 SHOW, 7 WIN, and 8 PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."...

CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image...