openSUSE 16 Security Update : tar (openSUSE-SU-2026:20472-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20472-1 advisory. This update for tar fixes the following issue: Security issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives...

SUSE-SU-2026:21002-1 Security update for tar

This update for tar fixes the following issue: Security issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives bsc1246399. Non security issue: - Fixes tar creating invalid tarballs when used with --delete bsc1246607...

SUSE-SU-2026:21143-1 Security update for tar

This update for tar fixes the following issue: Security issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives bsc1246399. Non security issue: - Fixes tar creating invalid tarballs when used with --delete bsc1246607...

OPENSUSE-SU-2026:20472-1 Security update for tar

This update for tar fixes the following issue: Security issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives bsc1246399. Non security issue: - Fixes tar creating invalid tarballs when used with --delete bsc1246607...

CVE-2025-14162

The BMLT WordPress Plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.11.4. This is due to missing nonce validation on the 'BMLTPlugincreateoption' and 'BMLTPlugindeleteoption ' action. This makes it possible for unauthenticated attackers to...

EUVD-2025-203017

The BMLT WordPress Plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.11.4. This is due to missing nonce validation on the 'BMLTPlugincreateoption' and 'BMLTPlugindeleteoption ' action. This makes it possible for unauthenticated attackers to...

CVE-2025-14162 BMLT WordPress Plugin <= 3.11.4 - Cross-Site Request Forgery to Settings Creation and Deletion

The BMLT WordPress Plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.11.4. This is due to missing nonce validation on the 'BMLTPlugincreateoption' and 'BMLTPlugindeleteoption ' action. This makes it possible for unauthenticated attackers to...

Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials

More than 140,000 phishing websites have been found linked to a phishing-as-a-service PhaaS platform named Sniper Dz over the past year, indicating that it's being used by a large number of cybercriminals to conduct credential theft. "For prospective phishers, Sniper Dz offers an online admin pan...

Apache CouchDB 2.3.0 - Cross-Site Scripting

Exploit Title: Apache CouchDB 2.3.0 | Cross-Site Scripting Date: 17.02.2019 Exploit Author: Ozer Goker Vendor Homepage: http://couchdb.apache.org Software Link: http://couchdb.apache.org/download Version: 2.3.0 Introduction A CouchDB server hosts named databases, which store documents. Each...

CVE-2013-4500

The Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote authenticated users with the "view any quiz results" or "view results for own quiz" permission to delete arbitrary results via the delete option...

A10 Networks AX Loadbalancer Directory Traversal

This module exploits a directory traversal flaw found in A10 Networks Soft AX Loadbalancer version 2.6.1-GR1-P5/2.7.0 or less. When handling a file download request, the xml/downloads class fails to properly check the 'filename' parameter, which can be abused to read any file outside the virtual...