Moderate: Red Hat Security Advisory: glib2 security update

An update for glib2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Alibaba Cloud Linux 3 : 0015: openssl (ALINUX3-SA-2026:0015)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0015 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-9230: Issue summary: An application trying...

CVE-2025-14907

The Moderate Selected Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing nonce verification on the mspadminpage function. This makes it possible for unauthenticated attackers to modify plugin settings via a forg...

CVE-2025-14907

The Moderate Selected Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing nonce verification on the mspadminpage function. This makes it possible for unauthenticated attackers to modify plugin settings via a forg...

CVE-2025-14907

The Moderate Selected Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing nonce verification on the mspadminpage function. This makes it possible for unauthenticated attackers to modify plugin settings via a forg...

CVE-2025-14907

CVE-2025-14907 – Moderate Selected Posts (WordPress) CSRF vulnerability : The WordPress plugin is vulnerable in versions up to 1.4 due to missing nonce verification in the msp_admin_page() function. This enables unauthenticated attackers to modify plugin settings through forged requests if a site...

WordPress Moderate Selected Posts plugin <= 1.4 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Moderate Selected Posts versions = 1.4...

WordPress plugin: “Moderate Selected Posts” – Cross-Site Request Forgery vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.47 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.47 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

Moderate: Red Hat Security Advisory: glib2 security update

An update for glib2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: Red Hat Security Advisory: osbuild-composer security update

An update for osbuild-composer is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common...

MiracleLinux 8 : squid:4 (AXSA:2022-3562:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3562:01 advisory. squid: out-of-bounds read in WCCP protocol data may lead to information disclosure CVE-2021-28116 Tenable has extracted the preceding description block...

MiracleLinux 8 : dotnet6.0-6.0.108-1.el8.ML.1 (AXSA:2022-3785:11)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3785:11 advisory. dotnet: External Entity Injection during XML signature verification CVE-2022-34716 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : python3-3.6.8-39.el8.ML.1 (AXSA:2021-2524:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2524:05 advisory. python: urllib: Regular expression DoS in AbstractBasicAuthHandler CVE-2021-3733 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : curl-7.76.1-26.el9_3.3 (AXSA:2024-7591:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7591:01 advisory. curl: information disclosure by exploiting a mixed case flaw CVE-2023-46218 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : nginx:1.16 (AXSA:2021-1530:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1530:01 advisory. nginx: HTTP request smuggling in configurations with URL redirect used as errorpage CVE-2019-20372 Tenable has extracted the preceding description block...

MiracleLinux 8 : libuv-1.41.1-2.el8_10 (AXSA:2024-8516:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8516:01 advisory. libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : booth-1.0-199.1.ac1d34c.git.el8.1 (AXSA:2022-3841:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3841:01 advisory. booth: authfile directive in booth config file is completely ignored. CVE-2022-2553 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : libsndfile-1.0.28-14.el8 (AXSA:2024-8260:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8260:02 advisory. libsndfile: integer overflow in src/mat4.c and src/au.c leads to DoS CVE-2022-33065 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : mpg123-1.32.9-1.el9_5 (AXSA:2024-9488:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9488:02 advisory. mpg123: Buffer overflow when writing decoded PCM samples CVE-2024-10573 Tenable has extracted the preceding description block directly from the MiracleLinux...