1065 matches found
DLA-2882-1 sphinxsearch - security update
Bulletin has no description...
Label printers "TEPRA" PRO SR5900P / SR-R7900P vulnerable to insufficiently protected credentials
Overview Label printers "TEPRA" PRO SR5900P / SR-R7900P provided by KING JIM CO.,LTD. contain an insufficiently protected credentials vulnerability CWE-522. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
WordPress Side Cart Woocommerce (Ajax) plugin <= 2.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary Options Update
Cross-Site Request Forgery CSRF vulnerability leading to Arbitrary Options Update discovered by Chloe Chamberland in WordPress Side Cart Woocommerce Ajax plugin versions = 2.0. Solution Update the WordPress Side Cart Woocommerce Ajax plugin to the latest available version at least 2.1...
WordPress Ad Invalid Click Protector (AICP) plugin <= 1.2.5.2 - SQL injection (SQLi) vulnerability
SQL injection SQLi vulnerability discovered by Krzysztof Zając in WordPress Ad Invalid Click Protector AICP plugin versions = 1.2.5.2. Solution Update the WordPress Ad Invalid Click Protector AICP plugin to the latest available version at least 1.2.6...
DSA-5037-1 roundcube - security update
Bulletin has no description...
WordPress Contact Form & Lead Form Elementor Builder plugin <= 1.6.9 - Multiple Stored Cross-Site Scripting (XSS) vulnerabilities
Multiple Stored Cross-Site Scripting XSS vulnerabilities discovered by Yoru Oni in WordPress Contact Form & Lead Form Elementor Builder plugin versions = 1.6.9. Solution Update the WordPress Contact Form & Lead Form Elementor Builder plugin to the latest available version at least 1.7.0...
DLA-2862-1 python-gnupg - security update
Bulletin has no description...
DLA-2859-1 zziplib - security update
Bulletin has no description...
DSA-5000-2 openjdk-11 - security update
Bulletin has no description...
DLA-2844-1 privoxy - security update
Bulletin has no description...
DSA-5018-1 python-babel - security update
Bulletin has no description...
DLA-2833-1 rsync - security update
Bulletin has no description...
WordPress Contact Form With Captcha plugin <= 1.6.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)
Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Yuga Futatsuki Cryptography Laboratory in Tokyo Denki University in WordPress Contact Form With Captcha plugin versions = 1.6.7. Solution Update the WordPress Contact Form With Captcha plugin to...
DLA-2829-1 libvpx - security update
Bulletin has no description...
JVN#58407606: Unlimited Sitemap Generator vulnerable to cross-site request forgery
Unlimited Sitemap Generator provided by XML-Sitemaps contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the software Update the software to the latest version according to th...
DSA-5008-1 node-tar - security update
Bulletin has no description...
DSA-5004-1 libxstream-java - security update
Bulletin has no description...
RLSA-2021:4222 Moderate: container-tools:3.0 security and bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: buildah: Host environment variables leaked in build container when using chroot isolation CVE-2021-3602 For more details about the security issues, including the impac...
DLA-2808-1 python3.5 - security update
Bulletin has no description...
OPENSUSE-SU-2021:1411-1 Security update for krb5
This update for krb5 fixes the following issues: - CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacks a server field bsc1189929. This update was imported from the SUSE:SLE-15-SP1:Update update project...