SUSE SLES15 Security Update : kernel (Live Patch 25 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2025:4243-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4243-1 advisory. This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.100 fixes various security issues The following security issues were fixed: ...

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent

Summary Vulnerabilities in IBM SDK Java Technology Edition that is shipped as part of agent framework in ITCAM for Applications WebSphere MQ Monitoring Agent. CVE-2025-53066 Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP compone...

Fedora: Security Advisory (FEDORA-2025-20f7fd3e95)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 42 Update: pack-0.38.2-1.fc42

pack is a CLI implementation of the Platform Interface Specification for Cloud Native Buildpacks...

[SECURITY] Fedora 43 Update: pack-0.38.2-1.fc43

pack is a CLI implementation of the Platform Interface Specification for Cloud Native Buildpacks...

Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.47 fixes various security issues The following security issues were fixed: CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882. CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm...

WordPress All In One SEO Pack plugin <= 4.8.6.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Abu Hurayra in WordPress Plugin All In One SEO Pack versions = 4.8.6.1...

SUSE-SU-2025:4237-1 Security update for the Linux Kernel (Live Patch 42 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.170 fixes one security issue The following security issue was fixed: - CVE-2023-53673: Bluetooth: hcievent: call disconnect callback before deleting conn bsc1251983...

SUSE SLES15 Security Update : kernel RT (Live Patch 14 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2025:4208-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4208-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150600.10.49 fixes various security issues The following security issues were fixed: -...

CVE-2025-13545

A security vulnerability has been detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this vulnerability is an unknown functionality of the file /adminarea/index.php. The manipulation of the argument editpack leads to sql injection. The attack can be...

SUSE-SU-2025:4170-1 Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.237 fixes one security issue The following security issue was fixed: - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778...

CVE-2025-13545

A security vulnerability has been detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this vulnerability is an unknown functionality of the file /adminarea/index.php. The manipulation of the argument editpack leads to sql injection. The attack can be...

CVE-2025-13545

A security vulnerability has been detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this vulnerability is an unknown functionality of the file /adminarea/index.php. The manipulation of the argument editpack leads to sql injection. The attack can be...

CVE-2025-13545 ashraf-kabir travel-agency index.php sql injection

A security vulnerability has been detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this vulnerability is an unknown functionality of the file /adminarea/index.php. The manipulation of the argument editpack leads to sql injection. The attack can be...

PT-2025-47837

Name of the Vulnerable Software and Affected Versions ashraf-kabir travel-agency versions prior to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3 Description A security issue exists in ashraf-kabir travel-agency. The manipulation of the edit pack argument in the /admin area/index.php file leads to SQL...

Travel Agency SQL注入漏洞

Travel Agency is a travel management website by Ashraf Kabir, an individual developer. Travel Agency suffers from an SQL injection vulnerability that stems from incorrect manipulation of the parameter editpack in the file /adminarea/index.php, which could lead to SQL injection...

WordPress Element Pack Addons for Elementor plugin cross-site scripting vulnerability

WordPress Element Pack Addons for Elementor plugin is an extension plugin designed for Elementor page builder that provides rich feature modules and templates for creating professional web designs. The WordPress Element Pack Addons for Elementor plugin suffers from a cross-site scripting...

SUSE SLES15 Security Update : kernel (SUSE-SU-2025:4141-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4141-1 advisory. The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-3800...

CVE-2025-13196

The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Open Street Map widget's marker content parameter in all versions up to, and including, 8.3.4. This is due to insufficient input sanitization and output escaping on user-supplied...

Security Bulletin:IBM WebSphere Application Server Liberty shipped with IBM OpenPages has vulnerable crypto.js package (CVE-2020-36732)

Summary IBM WebSphere Application Server Liberty is shipped as a supporting program of IBM OpenPages. Information about crypto.js package vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. These products have addressed the applicable CVE. F...