3096 matches found

SUSE Linux
added 2025/06/20 12:42 p.m., 0 views

Security update for perl

This update for perl fixes the following issues: CVE-2025-40909: do not change the current directory when cloning an open directory handle (bsc#1244079). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternative...

CVSS 6.2, AI score 7.2, EPSS 0.00031
Exploits: 0, References: 4
SUSE CVE
added 2025/06/19 3:43 a.m., 1 view

SUSE CVE-2022-50048

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: possible module reference underflow in error path. dst->ops is set on when nft_expr_clone fails, but module refcount has not been bumped yet, therefore nft_expr_destroy leads to module reference underflow...

CVSS 5.5, AI score 6.2, EPSS 0.00049
Exploits: 0, References: 3
OSV
added 2025/06/18 11:15 a.m., 0 views

UBUNTU-CVE-2022-50048

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: possible module reference underflow in error path. dst->ops is set on when nft_expr_clone fails, but module refcount has not been bumped yet, therefore nft_expr_destroy leads to module reference underflow...

CVSS 5.5, AI score 6, EPSS 0.00049
Exploits: 0, References: 5
OSSF Malicious Packages
added 2025/06/14 9:18 a.m., 2 views

Malicious code in sorex (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9fc62b886698742e247a58de03e45e48cc06149abb4e65e77df10984818ed4f1 Clones of libraries to access Aminoapps e.g. legitimate package amino.fix with added exfiltration of the given credentials --- Category: MALICIOUS - The campai...

AI score 7
Exploits: 0, References: 1
OSV
added 2025/06/14 9:18 a.m., 3 views

MAL-2025-191942 Malicious code in zamino (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c9ada91851d5e9411f5c74d5ea595be092fc2e4d2e8f7f7c995b6fbb6bd90d00 Clones of libraries to access Aminoapps e.g. legitimate package amino.fix with added exfiltration of the given credentials --- Category: MALICIOUS - The campai...

AI score 6.9
Exploits: 0, References: 1
Snyk
added 2025/05/28 6:41 p.m., 3 views

Missing Authorization

Overview: Affected versions of this package are vulnerable to Missing Authorization via the cloneAction of the segment management. An attacker can bypass intended permission restrictions and clone segments even if they lack the necessary permissions to create new ones by exploiting the missing...

CVSS 5.3, AI score 6.9, EPSS 0.00219
Exploits: 0, References: 2
OSV
added 2025/05/28 6:15 p.m., 0 views

CVE-2024-47055

Summary: This advisory addresses a security vulnerability in Mautic related to the segment cloning functionality. This vulnerability allows any authenticated user to clone segments without proper authorization checks. Insecure Direct Object Reference (IDOR) / Missing Authorization: A missing...

CVSS 4.3, AI score 6.6
Exploits: 0, References: 1
CNNVD
added 2025/05/28 12:0 a.m., 2 views

Mautic security vulnerability

Mautic is an open source marketing automation software from Mautic Open Source. The software monitors and manages websites, sends emails and manages customer resources. A security vulnerability exists in versions prior to Mautic 6.0.2 that stems from a lack of authorization checking and could lea...

CVSS 4.3, AI score 6.2, EPSS 0.00219
Exploits: 0, References: 2
RedhatCVE
added 2025/05/23 10:49 a.m., 8 views

CVE-2024-43297

Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clone: from n/a through 2.4.5...

CVSS 8.8, AI score 6.9, EPSS 0.00262
Exploits: 0
RedhatCVE
added 2025/05/23 10:48 a.m., 4 views

CVE-2024-43298

Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clone: from n/a through 2.4.5...

CVSS 8.8, AI score 6.9, EPSS 0.00262
Exploits: 0
RedhatCVE
added 2025/05/23 9:9 a.m., 2 views

CVE-2024-21533

All versions of the package ggit are vulnerable to Arbitrary Argument Injection via the clone API, which allows specifying the remote URL to clone and the file on disk to clone to. The library does not sanitize for user input or validate a given URL scheme, nor does it properly pass command-line...

CVSS 6.5, AI score 7, EPSS 0.00041
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 8:34 a.m., 3 views

CVE-2024-21531

All versions of the package git-shallow-clone are vulnerable to Command injection due to missing sanitization or mitigation flags in the process variable of the gitShallowClone function...

CVSS 5.3, AI score 7.2, EPSS 0.00096
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 7:58 a.m., 4 views

CVE-2024-33636

Missing Authorization vulnerability in Mahesh Vora WP Page Post Widget Clone. This issue affects WP Page Post Widget Clone: from n/a through 1.0.1...

CVSS 5.4, AI score 5.1, EPSS 0.0019
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 6:36 a.m., 4 views

CVE-2024-12335

The Avada Fusion Builder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.11.12 via the handleclonepost function and the 'fusionblog' shortcode and due to insufficient restrictions on which posts can be included. This makes it possible for...

CVSS 4.3, AI score 6.7, EPSS 0.00114
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 5:41 a.m., 1 view

CVE-2023-0756

An issue has been discovered in GitLab affecting all versions before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. The main branch of a repository with a specially crafted name allows an attacker to create repositories with malicious cod...

CVSS 8, AI score 8, EPSS 0.00546
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 5:40 a.m., 3 views

CVE-2023-0715

The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajaxclonefolder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke thi...

CVSS 5.4, AI score 4.3, EPSS 0.00155
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 4:58 a.m., 4 views

CVE-2023-6750

The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup information, which is stored at a publicly accessible, statically defined file path...

CVSS 7.5, AI score 6.6, EPSS 0.4179
Exploits: 2
RedhatCVE
added 2025/05/23 4:7 a.m., 3 views

CVE-2023-38395

Missing Authorization vulnerability in Afzal Multani WP Clone Menu. This issue affects WP Clone Menu: from n/a through 1.0.1...

CVSS 5.4, AI score 6.9, EPSS 0.00123
Exploits: 0
RedhatCVE
added 2025/05/23 2:56 a.m., 1 view

CVE-2023-0725

The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajaxclonefolder function. This makes it possible for unauthenticated attackers to invoke this function via...

CVSS 5.4, AI score 4.3, EPSS 0.00094
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 2:10 a.m., 3 views

CVE-2023-25486

Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clone: from n/a through 2.3.7...

CVSS 4.3, AI score 8.6, EPSS 0.00173
Exploits: 0, References: 1