[SECURITY] Fedora 43 Update: kernel-7.0.10-101.fc43

The kernel meta package...

WordPress Slider Revolution plugin 7.0.0-7.0.10 - 7.0.10 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

WordPress Slider Revolution plugin 7.0.0-7.0.10 - 7.0.10 - Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by h0xilo in WordPress Plugin Slider Revolution versions 7.0.0-7.0.10...

VulnCheck KEV: CVE-2026-6692

The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the 'getmediaurl' and 'checkfilepath' function. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and...

Astra Linux - уязвимость в imagemagick

A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service attack through the “identify -help” command...

Astra Linux - уязвимость в imagemagick

Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7...

WordPress plugin Grand Restaurant 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

PT-2026-20660

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restaurant: from n/a through = 7.0.10...

@bgord/bun (>=1.0.2 <=1.2.4), @devix-tecnologia/utils-ts (=1.0.0) +38 more potentially affected by CVE-2025-14874 via nodemailer (=7.0.10)

nodemailer NPM version =7.0.10 is affected by a known vulnerability. The following packages have a transitive dependency on nodemailer and may be impacted: - @bgord/bun =1.0.2, =32.0.0, =4.0.1, =4.9.5, =8.0.1, =8.0.2, =11.3.0, =5.8.38, =1.9.0, =2.1.6, =1.8.0, =0.3.2, =2.17.15 and more Source cves...

EUVD-2018-8212

Malware in sbrugna...

EUVD-2018-6332

Malware in sbrugna...

EUVD-2020-11570

Malware in sbrugna...

EUVD-2025-17254

Malicious code in bioql PyPI...

EUVD-2025-24471

Malicious code in bioql PyPI...

@8btc/excalidraw (>=0.18.0-beta.0 <=0.18.0-beta.4), @airmix/mcp-excalidraw-server (=1.0.6) +297 more potentially affected by CVE-2025-57347 via dagre-d3-es (>=7.0.10 <=7.0.11)

dagre-d3-es NPM version =7.0.10, =0.18.0-beta.0, =0.17.0-alkemio-1, =1.0.0, =0.18.3, =0.18.0, =0.0.1-BETA, =0.18.1, =1.1.4, =0.0.1, =0.15.0, =0.17.1, =0.17.2 - @changmao/reveal-md =6.1.4-chanmao0.0 and more Source cves: CVE-2025-57347 Source advisory: SNYK:JS-DAGRED3ES-13110069...

Linux Distros Unpatched Vulnerability : CVE-2023-22018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.46 and Prior t...

Linux Distros Unpatched Vulnerability : CVE-2023-22017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.46 and Prior t...

Linux Distros Unpatched Vulnerability : CVE-2023-22016

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.46 and Prior t...

CVE-2025-27759

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and before 7.0.10 allows an authenticated privileged attacker to execute unauthorized code o...

CVE-2025-27759

Fortinet FortiWeb is affected by an OS Command Injection vulnerability (CWE-78) due to improper neutralization of special elements. Impactable when an authenticated privileged attacker crafts CLI commands to execute arbitrary code on affected versions. Affected software: FortiWeb 7.6.0–7.6.3, 7.4...

CVE-2025-52970

Fortinet FortiWeb is affected by CVE-2025-52970 due to improper handling of parameters in FortiWeb versions 7.6.3 and below, 7.4.7 and below, 7.2.10 and below, and 7.0.10 and below. An unauthenticated remote attacker with non-public device information can gain admin privileges via a specially cra...