44 matches found
Astra Linux - vulnerability in python-urllib3
In the urllib3 library, as of version 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameters...
EulerOS Virtualization 2.13.1 : unbound (EulerOS-SA-2026-1642)
According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2026-1467)
The remote host is missing an update for the Huawei EulerOS...
SUSE SLES16 Security Update : unbound (SUSE-SU-2026:20201-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:20201-1 advisory. Update to 1.24.1: - CVE-2025-11411: Fixed possible domain hijacking attack (bsc#1252525). Tenable has extracted the preceding description bloc...
OPENSUSE-SU-2026:20139-1 Security update for unbound
This update for unbound fixes the following issues: Update to 1.24.1: - CVE-2025-11411: Fixed possible domain hijacking attack (bsc#1252525)...
SUSE-SU-2026:20180-1 Security update for unbound
This update for unbound fixes the following issues: Update to 1.24.1: - CVE-2025-11411: Fixed possible domain hijacking attack (bsc#1252525)...
SUSE-SU-2026:20201-1 Security update for unbound
This update for unbound fixes the following issues: Update to 1.24.1: - CVE-2025-11411: Fixed possible domain hijacking attack (bsc#1252525)...
CVE-2023-25480
Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.24.1 versions...
CVE-2025-63014
Cross-Site Request Forgery (CSRF) vulnerability in Serhii Pasyuk Gmedia Photo Gallery grand-media allows Cross Site Request Forgery. This issue affects Gmedia Photo Gallery: from n/a through <= 1.25.0...
CVE-2025-63014 WordPress Gmedia Photo Gallery plugin <= 1.24.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Serhii Pasyuk Gmedia Photo Gallery allows Cross Site Request Forgery. This issue affects Gmedia Photo Gallery: from n/a through 1.24.1...
CVE-2025-63014
Technical details for CVE-2025-63014 are not provided in the supplied documents. No information on affected product versions, root cause, impact, or remediation is available here. Monitor for updates from official advisories and vulnerability databases.
Fedora: Security Advisory (FEDORA-2025-16df491a66)
The remote host is missing an update for the...
OPENSUSE-SU-2025:15668-1 libunbound8-1.24.1-1.1 on GA media
These are all security issues fixed in the libunbound8-1.24.1-1.1 package on the GA media of openSUSE Tumbleweed...
AZL-68796 CVE-2025-11411 affecting package unbound for versions less than 1.19.1-4
NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are...
ALPINE-CVE-2025-11411
NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are...
CVE-2025-11411
NLnet Labs Unbound up to and including version 1.24.1 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are...
unbound -- Possible domain hijacking via promiscuous records in the authority section
[email protected] reports: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone...
CVE-2023-2010
The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. This leads to a Race Condition that may allow a single user to vote multiple times on a poll...
CVE-2020-24617
Mailtrain through 1.24.1 allows SQL Injection in statsClickedSubscribersByColumn in lib/models/campaigns.js via /campaigns/clicked/ajax because variable column names are not properly escaped...
CVE-2025-30473
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Airflow Common SQL Provider. When using the partition clause in SQLTableCheckOperator as parameter (which was a recommended pattern), Authenticated UI User could inject arbitrary SQL command...