openSUSE 16 Security Update : roundcubemail (openSUSE-SU-2026:20586-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20586-1 advisory. Changes in roundcubemail: - update to 1.6.15 This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to some...

Security update for roundcubemail (important)

openSUSE Security Update: Security update for roundcubemail Announcement ID: openSUSE-SU-2026:0141-1 Rating: important References: 1261157 1261488 Cross-References: CVE-2026-35537 Affected Products: openSUSE Backports SLE-15-SP7 An update that solves one vulnerability and has one errata is now...

[SECURITY] Fedora 43 Update: roundcubemail-1.6.15-1.fc43

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

Incorrect Resource Transfer Between Spheres

Overview Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres in the remote image blocking process. An attacker can cause unauthorized remote image loading by embedding specially crafted SVG content with animate elements using attributes such as fill,...

CVE-2025-67520

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through = 1.6.15...

CVE-2025-67520 WordPress Media Library Tools plugin <= 1.6.15 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through = 1.6.15...

CVE-2025-67520

CVE-2025-67520: WordPress plugin Media Library Tools (media-library-tools)

CVE-2025-67520 WordPress Media Library Tools plugin <= 1.6.15 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through = 1.6.15...

WordPress plugin Media Library Tools SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injection...

PT-2025-49896

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through = 1.6.15...

EUVD-2024-19750

Malicious code in bioql PyPI...

CVE-2024-22156

Missing Authorization vulnerability in SNP Digital SalesKing.This issue affects SalesKing: from n/a through 1.6.15...

CVE-2024-22154

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SNP Digital SalesKing.This issue affects SalesKing: from n/a through 1.6.15...

PT-2024-19244 · Webwizards · Salesking

Name of the Vulnerable Software and Affected Versions: SalesKing versions 1.6.15 and earlier Description: The issue is related to Improper Privilege Management, allowing Privilege Escalation in WebWizards SalesKing. Recommendations: For versions 1.6.15 and earlier, update to a version that includ...

WordPress plugin SalesKing Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

CVE-2022-0074 Privilege Escalation in OpenLiteSpeed Web Server

Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1...

Fedora 22 : nfdump (2016-3b49c9aa49)

nfdump 1.6.15 released. --- - Fix Security issue http://www.security-assessment.com/files/documents/advis ory/Nfdump%20nfcapd%201.6.14%20-%20Multiple%20Vulnerabil ities.pdf - Fix obyte, opps and obps output records - Fix wrong bps type case in cvs output. Fix opbs ipbs typos nfdump 1.6.14 release...

Debian Security Advisory DSA 3387-1 (openafs - security update)

John Stumpo discovered that OpenAFS, a distributed file system, does not fully initialize certain network packets before transmitting them. This can lead to a disclosure of the plaintext of previously processed packets. OpenVAS Vulnerability Test $Id: deb3387.nasl 6608 2017-07-07 12:05:05Z cfisch...

MyBB < 1.6.15 XSS

Binary data 9120.prm...

MyBB < 1.6.15 Video MyCode XSS

According to its version number, the MyBB application hosted on the remote web server is prior to 1.6.15. It is, therefore, potentially affected by a cross-site scripting vulnerability in video MyCode due to improper validation of user-supplied input. A remote attacker can exploit this to execute...