ALSA-2024:1141 Moderate: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Apr 2023 CVE-2023-21911 mysql: Server: DDL unspecified vulnerability CPU Apr 2023...

RHEL 9 : mysql (RHSA-2024:1141)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1141 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

CVE-2024-27950

Missing Authorization vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...

CVE-2024-27949

Server-Side Request Forgery SSRF vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...

Authorization

Missing Authorization vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0...

CVE-2024-27950

The CVE-2024-27950 issue applies to the Sirv WordPress Plugin (Image Optimizer/Resizer/CDN) with versions through 7.2.0. Root cause is Missing Authorization (Broken Access Control) in the plugin. Impact and exploit details are not elaborated in the provided documents. Remediation: upgrade to vers...

CVE-2024-27950 WordPress Sirv plugin <= 7.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through = 7.2.0...

CVE-2024-27950 WordPress Sirv plugin <= 7.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through = 7.2.0...

CVE-2024-27949

CVE-2024-27949 is an SSRF vulnerability in the WordPress plugin Image Optimizer, Resizer and CDN – Sirv . It affects the plugin’s handling of requests in versions up to and including 7.2.0 (no fixed version explicitly beyond 7.2.0 stated in the provided documents). The vulnerability is described ...

CVE-2024-27949 WordPress Sirv plugin <= 7.2.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through = 7.2.0...

[SECURITY] Fedora 38 Update: gifsicle-1.95-1.fc38

Gifsicle is a command-line tool for creating, editing, and getting information about GIF images and animations. Some more gifsicle features: Batch mode for changing GIFs in place. Prints detailed information about GIFs, including comments. Control over interlacing, comments, looping,...

PT-2024-22155 · Sirv · Sirv Image Optimizer

Name of the Vulnerable Software and Affected Versions: Sirv Image Optimizer, Resizer and CDN – Sirv versions n/a through 7.2.0 Description: A Server-Side Request Forgery SSRF issue affects the software. This issue allows for potentially malicious requests to be made from the server...

PT-2024-22157 · Sirv · Sirv Image Optimizer

Name of the Vulnerable Software and Affected Versions: Sirv Image Optimizer, Resizer and CDN versions through 7.2.0 Description: A Missing Authorization issue affects the Image Optimizer, Resizer and CDN – Sirv. Recommendations: For versions through 7.2.0, update to a version that contains a fix...

CVE-2024-1976

The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...

CVE-2024-1976

The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...

Cross site request forgery (csrf)

The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...

CVE-2024-1976

The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...

CVE-2024-1976

CVE-2024-1976 : Marketing Optimizer (WordPress plugin) is vulnerable to Cross-Site Request Forgery that can lead to Stored Cross-Site Scripting via admin/main-settings-page.php. The issue arises from missing or incorrect nonce validation, allowing unauthenticated attackers to update plugin settin...

CVE-2024-1976 Marketing Optimizer <= 20200925 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20200925. This is due to missing or incorrect nonce validation via the admin/main-settings-page.php file. This makes it possible for unauthenticated attackers to update t...