Security update for docker

This update for docker fixes the following issues: This update includes fixes for: CVE-2024-41110: Fixed Authz zero length regression bsc1228324 CVE-2023-47108: Fixed otelgrpc: DoS vulnerability in otelgrpc uncontrolled resource consumption due to unbound cardinality bsc1217070 bsc1229806...

CVE-2025-31450

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phantom.omaga Toggle Box toggle-box allows Stored XSS.This issue affects Toggle Box: from n/a through = 1.6...

WordPress Toggle Box plugin <= 1.6 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Toggle Box versions = 1.6...

CVE-2025-31450

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phantom.omaga Toggle Box toggle-box allows Stored XSS.This issue affects Toggle Box: from n/a through = 1.6...

CVE-2025-31450 WordPress Toggle Box plugin <= 1.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phantom.omaga Toggle Box toggle-box allows Stored XSS.This issue affects Toggle Box: from n/a through = 1.6...

CVE-2025-31450

CVE-2025-31450 affects Toggle Box (WordPress plugin) and is an authenticated (Contributor+) Stored XSS in the Toggle Box code path. Primary details from the CVE entry indicate Improper Neutralization of Input During Web Page Generation leading to Stored XSS in Toggle Box versions up to 1.6. The W...

CVE-2025-31450 WordPress Toggle Box <= 1.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phantom.omaga Toggle Box allows Stored XSS. This issue affects Toggle Box: from n/a through 1.6...

WordPress plugin Toggle Box 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: CVE-2025-24201: Fixed out-of-bounds write vulnerability due to that WebGL context primitive restart can be toggled from WebContent process bsc1239547. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

CVE-2024-13703

The CRM and Lead Management by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcitaajaxtoggleae function in all versions up to, and including, 2.7.1. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2024-13703 CRM and Lead Management by vcita <= 2.7.5 - Missing Authorization to Authenticated (Susbcriber+) Widget Toggle

The CRM and Lead Management by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcitaajaxtoggleae function in all versions up to, and including, 2.7.5. This makes it possible for authenticated attackers, with Subscriber-level...

WordPress plugin CRM and Lead Management by vcita 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

WordPress CRM and Lead Management by vcita plugin <= 2.7.1 - Missing Authorization to Authenticated (Susbcriber+) Widget Toggle vulnerability

Missing Authorization to Authenticated Susbcriber+ Widget Toggle vulnerability discovered by yudha in WordPress Plugin CRM and Lead Management by vcita versions = 2.7.5...

Security update for docker

This update for docker fixes the following issues: Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker which...

SUSE-SU-2025:20110-1 Security update for docker

This update for docker fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker whic...

PT-2025-2255 · Vcita · Contact Form/Calls To Action By Vcita

Name of the Vulnerable Software and Affected Versions: The Contact Form and Calls To Action by vcita plugin for WordPress versions up to, and including, 2.7.1 Description: The issue is related to a missing capability check on the vcita ajax toggle ae and vcita ajax toggle contact functions. This...

WordPress Contact Form and Calls To Action by vcita plugin <= 2.7.1 - Missing Authorization to Authenticated (Subscriber+) Contact/Widget Toggle vulnerability

Missing Authorization to Authenticated Subscriber+ Contact/Widget Toggle vulnerability discovered by yudha in WordPress Plugin Contact Form and Calls To Action by vcita versions = 2.7.1...

SUSE CVE-2024-56783

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: remove WARNONONCE on maximum cgroup level cgroup maximum depth is INTMAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove...

UBUNTU-CVE-2024-56783

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: remove WARNONONCE on maximum cgroup level cgroup maximum depth is INTMAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove...

SUSE-RU-2024:4391-1 Recommended update for docker-stable

This update for docker-stable fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Dock...