EUVD-2025-35811

The NGINX Cache Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'nginxcacheoptimizer-blacklist-update' AJAX action in all versions up to, and including, 1.1. This makes it possible for authenticated attackers, with...

PT-2025-43597

Name of the Vulnerable Software and Affected Versions NGINX Cache Optimizer plugin for WordPress versions up to and including 1.1 Description The NGINX Cache Optimizer plugin for WordPress is susceptible to unauthorized data modification. A missing capability check on the...

PT-2019-19439 · Sofa · Sofahessian

Name of the Vulnerable Software and Affected Versions: SOFA-Hessian versions 4.0.2 and earlier Description: The issue allows remote attackers to execute arbitrary commands via a crafted serialized Hessian object because blacklisting of com.caucho.naming.QName and...

SUSE-SU-2017:2264-1 Security update for libzypp

The Software Update Stack was updated to receive fixes and enhancements. libzypp: - CVE-2017-7435, CVE-2017-7436, CVE-2017-9269: Fix GPG check workflows, mainly for unsigned repositories and packages. bsc1045735, bsc1038984 - Fix gpg-pubkey release creation time computation. bsc1036659 - Update...

Microsoft Kernel Mode Blacklist Update Security Advisory (3179528)

This host is missing a security update according to Microsoft advisory 3179528. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MS KB2728973: Unauthorized Digital Certificates Could Allow Spoofing

The remote host is missing KB2728973, which updates the system's SSL certificate blacklist. %NASLMINLEVEL 70300 %NASLMINLEVEL 999999 @DEPRECATED@ C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid59916; scriptversion"1.11";...

MS KB2524375: Fraudulent Digital Certificates Could Allow Spoofing (deprecated)

The remote host is missing KB2524375, which updates the system's SSL certificate blacklist. A certificate authority CA has revoked a number of fraudulent SSL certificates for several prominent, public websites. Without this update, browsers will be unable to learn that the certificates have been...

Debian DSA-2199-1 : iceape - ssl certificate blacklist update

This update for the Iceape internet suite, an unbranded version of SeaMonkey, updates the certificate blacklist for several fraudulent HTTPS certificates. More details can be found in a blog posting by Jacob Appelbaum of the Tor project. The oldstable distribution lenny is not affected. The iceap...

Debian DSA-2200-1 : iceweasel - ssl certificate blacklist update

This update for Iceweasel, a web browser based on Firefox, updates the certificate blacklist for several fraudulent HTTPS certificates. More details can be found in a blog posting by Jacob Appelbaum of the Tor project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...