9 matches found
Fedora 43 : libpng (2026-67c20bfb74)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-67c20bfb74 advisory. 1.6.56 is a release that fixes the following two security vulnerabilities: - CVE-2026-33416 high severity: Use-after-free memory bug in the transparenc...
Active Exploitation of 7-Zip RCE Vulnerability Shows Why Manual Patching is No Longer an Option
A critical remote code execution (RCE) vulnerability in 7-Zip (CVE-2025-11001) is now being actively exploited. The issue stems from improper handling of symbolic links within crafted ZIP files. When a malicious archive is extracted, 7-Zip may write files outside the intended directory, allowing an...
PT-2024-34191 · WordPress · Bold Page Builder
Name of the Vulnerable Software and Affected Versions: Bold Page Builder versions through 5.1.3 Description: The issue is related to missing authorization, allowing exploitation of incorrectly configured access control security levels. This could potentially lead to site compromise...
PT-2024-30334
Name of the Vulnerable Software and Affected Versions: StylemixThemes Cost Calculator Builder versions 3.2.15 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows unauthorized database...
PT-2024-19189 · Elspec · Elspec G5 Digital Fault Recorder
Name of the Vulnerable Software and Affected Versions: Elspec G5 digital fault recorder versions 1.1.4.15 and before Description: An issue was discovered in the system logs download mechanism, allowing directory traversal to occur. This could potentially expose system logs. If local network acces...
WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites
If you have a "private" blog with WordPress.com and are using its official iOS app to create or edit posts and pages, the secret authentication token for your admin account might have accidentally been leaked to third-party websites. WordPress has recently patched a severe vulnerability in its iO...
CUPS 1.1.x Negative Length HTTP Header Vulnerability
No description provided by source. Source: http://www.securityfocus.com/bid/6437/info A vulnerability has been reported for CUPS that, if exploited, may result in a DoS or the execution of code on affected systems. An attacker can exploit this vulnerability by connecting to a vulnerable system and...
FreeBSD : django -- multiple vulnerabilities (14a37474-1383-11e0-8a58-00215c6a37bb)
Django project reports: Today the Django team is issuing multiple releases -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- to remedy two security issues reported to us. All users of affected versions of Django are urged to upgrade immediately. Information leakage in Django administrative...
[CYBSEC] TippingPoint detection bypass
CYBSEC S.A. www.cybsec.com Pre-Advisory Name: TippingPoint detection bypass; Vulnerability Class: Design flaw; Release Date: 07/24/2006; Affected Platforms: All TippingPoint appliances with TOS = 2.2.3.6514; Local / Remote: Remote...