409 matches found
[SECURITY] Fedora 42 Update: mingw-gstreamer1-plugins-bad-free-1.25.1-3.fc42
GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality...
[SECURITY] Fedora 41 Update: gstreamer1-plugins-bad-free-1.24.11-2.fc41
GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality...
CVE-2024-27903
OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service...
CVE-2020-9066
Huawei smartphones OxfordP-AN10B with versions earlier than 10.0.1.169C00E166R4P1 have an improper authentication vulnerability. The Application doesn't perform proper authentication when user performs certain operations. An attacker can trick user into installing a malicious plug-in to exploit...
GLPI 授权问题漏洞
GLPI is an open source IT and asset management software from GLPI Open Source. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...
CVE-2024-42187
BigFix Patch Download Plug-ins are affected by path traversal vulnerability. The application could allow operators to download files from a local repository which is vulnerable to path traversal attacks...
CVE-2024-42186 HCL BigFix Patch Download Plug-ins are affected by an insecure protocol support
BigFix Patch Download Plug-ins are affected by an insecure protocol support. The application can allow improper handling of SSL certificates validation...
CVE-2024-42184 HCL BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme
BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme. It could allow a malicious operator to attempt to download files using the file:// URI scheme...
CVE-2024-42182 HCL BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability
BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery SSRF vulnerability. It may allow the application to download files from an internally hosted server on localhost...
PT-2025-2631 · Ibm · Bigfix Patch Download Plug-Ins
The BigFix Patch Download Plug-ins are affected by insecure support for the file URI scheme, which could allow a malicious operator to attempt to download files using the file:// URI scheme. This issue is related to the handling of URI schemes in the plug-ins. An exploit could be used to take...
PT-2025-2633 · Ibm · Bigfix Patch Download Plug-Ins
Name of the Vulnerable Software and Affected Versions: BigFix Patch Download Plug-ins affected versions not specified Description: The issue is related to an insecure protocol support in BigFix Patch Download Plug-ins, which can lead to improper handling of SSL certificates validation. This may...
PT-2025-2632 · Ibm · Bigfix Patch Download Plug-Ins
Name of the Vulnerable Software and Affected Versions: BigFix Patch Download Plug-ins affected versions not specified Description: The issue is related to an insecure package in BigFix Patch Download Plug-ins that is susceptible to XML injection attacks. This allows an attacker to inject maliciou...
PT-2025-2630 · Ibm · Bigfix Patch Download Plug-Ins
Name of the Vulnerable Software and Affected Versions: BigFix Patch Download Plug-ins affected versions not specified Description: The issue concerns an arbitrary file download vulnerability. It could allow a malicious operator to download files from arbitrary URLs without any proper validation o...
PT-2025-2629 · Ibm · Bigfix Patch Download Plug-Ins
Name of the Vulnerable Software and Affected Versions: BigFix Patch Download Plug-ins affected versions not specified Description: The issue is related to a Server-Side Request Forgery SSRF vulnerability. It may allow the application to download files from an internally hosted server on localhost...
[SECURITY] Fedora 40 Update: mingw-gstreamer1-plugins-bad-free-1.24.10-1.fc40
GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality...
[SECURITY] Fedora 41 Update: mingw-gstreamer1-plugins-bad-free-1.24.10-1.fc41
GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality...
Veeam Product Upgrade Guides
Upgrade Guides This article provides a list with links to the upgrade guides available within each product's user guide. Veeam Data Platform Veeam Backup & Replication Veeam ONE Veeam Recovery Orchestrator Veeam Plug-ins for Enterprise Applications Veeam Plug-in for SAP HANA Veeam Plug-in for...
Important: gstreamer1-plugins-good security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: uninitialized stack memory in...
Logpoint 安全漏洞
Logpoint is a network security application from the Danish company Logpoint. A security vulnerability exists in Logpoint versions prior to 7.5.0 that stems from a lack of proper authorization checks on endpoints used to create, edit, or delete third-party authentication modules, allowing...
[SECURITY] Fedora 40 Update: perl-App-cpanminus-1.7047-4.fc40
Why? It's dependency free, requires zero configuration, and stands alone but it's maintainable and extensible with plug-ins and friendly to shell scripting. When running, it requires only 10 MB of RAM...