CVE-2023-45065

CVE-2023-45065 concerns the WordPress plugin Bulk NoIndex & NoFollow Toolkit by Mad Fish (vendor: Mad Fish; plugin: Bulk NoIndex & NoFollow Toolkit). Affected versions are

CVE-2023-45065 WordPress Bulk NoIndex & NoFollow Toolkit Plugin <= 1.42 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit plugin = 1.42 versions...

openSUSE 15 Security Update : yq (SUSE-SU-2023:4000-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:4000-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable,...

Fish: User-assisted execution of arbitrary code

Background Smart and user-friendly command line shell for macOS, Linux, and the rest of the family. It includes features like syntax highlighting, autosuggest-as-you-type, and fancy tab completions that just work, with no configuration required. Description A vulnerability have been discovered in...

GLSA-202309-10 : Fish: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-202309-10 Fish: User-assisted execution of arbitrary code - fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuratio...

Friday Squid Blogging: Squid Brand Fish Sauce

Squid Brand is a Thai company that makes fish sauce: It is part of Squid Brands range of "personalized healthy fish sauces" that cater to different consumer groups, which include the Mild Fish Sauce for Kids and Mild Fish Sauce for Silver Ages. It also has a Vegan Fish Sauce. As usual, you can al...

SUSE SLES15 Security Update : salt (SUSE-SU-2023:2572-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2572-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

SUSE SLES15 Security Update : salt (SUSE-SU-2023:2581-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2581-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : helm (SUSE-SU-2023:2179-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2179-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's...

Improper Input Validation

redis is vulnerable to Improper Input Validation. The vulnerability allows the 'HINCRBYFLOAT' command to be used by authenticated users which creates an invalid hash fish which crashes redis...

fish-master.cz Cross Site Scripting vulnerability OBB-3257261

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Debian: Security Advisory (DLA-168-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2014-2905

fish aka fish-shell 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions...

SUSE CVE-2014-2906

The psub function in fish aka fish-shell 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name...

SUSE CVE-2014-2914

fish aka fish-shell 2.0.0 before 2.1.1 does not restrict access to the configuration service aka fishconfig, which allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by setprompt...

SUSE CVE-2014-3219

fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on 1 /tmp/fishd.log.%s, 2 /tmp/.pac-cache.$USER, 3 /tmp/.yum-cache.$USER, or 4 /tmp/.rpm-cache.$USER...

SUSE CVE-2014-3856

The funced function in fish aka fish-shell 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name...

SUSE CVE-2022-20001

fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default configuration of fish, changing...

Ubuntu: Security Advisory (USN-5367-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Video game playing FISH live streams credit card 'theft'

A fish is in hot water metaphorically speaking after having performed some incredible antics on a video game live stream. The fish, known for playing popular video game titles to completion on live streams, decided to take that whole gamer lifestyle thing a little too far and went on a rip-roarin...