EUVD-2025-202988

The Truefy Embed plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing nonce validation on the 'truefyembedoptionsupdate' settings update action. This makes it possible for unauthenticated attackers to update the...

CVE-2025-14161

The Truefy Embed plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing nonce validation on the 'truefyembedoptionsupdate' settings update action. This makes it possible for unauthenticated attackers to update the...

SUSE-RU-2025:21046-1 Recommended update for afterburn

This update for afterburn fixes the following issues: - Update to version 5.9.0.git21.a73f509: docs/release-notes: update for release 5.10.0 cargo: update dependencies microsoft/azure: Add XML attribute alias for serde-xml-rs Fedora compat docs/release-notes: Add entry for Azure SharedConfig XML...

CVE-2025-12070 ViaAds <= 2.1.2 - Cross-Site Request Forgery to API Key Update

The ViaAds plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.2. This is due to missing nonce validation on the ViaAdspluginHandler function. This makes it possible for unauthenticated attackers to modify the plugin's API key and cookie...

kernel security update

4.18.0-553.81.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

openSUSE Security Advisory (SUSE-SU-2024:1447-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:1447-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: Upgrade openCryptoki to version 3.23 jscPED-3360, jscPED-3361 EP11: Add support for FIPS-session mode CVE-2024-0914: Updates to harden against RSA timing attacks bsc1219217 Bug fixes - provide userpkcs11 and grouppkcs11 Upgrade to version...

SUSE-SU-2023:1736-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: MFSA 2023-12 bsc1209953: - CVE-2023-28427: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack bmo1822595 MFSA 2023-11 bsc1209173: - CVE-2023-25751: Incorrect code generation during JIT compilation bmo1814899. -...

PT-2022-20050 · Opencti · Opencti

Name of the Vulnerable Software and Affected Versions: OpenCTI versions 5.2.4 and earlier Description: A broken access control issue has been identified in the profile endpoint. This allows an attacker to change their registered e-mail address and API key, despite this action not being possible...

Microsoft Dynamics CRM 2011 Update Rollup 14

Microsoft Dynamics CRM 2011 Update Rollup 14 INTRODUCTION Update Rollup 14 for Microsoft Dynamics CRM 2011 is now available. This article describes the hotfixes and updates that are included in this update rollup. This rollup is available for all languages that are supported by Microsoft Dynamics...