CLSA-2025-1761320397 Fix CVE(s): CVE-2025-1735

SECURITY UPDATE: fix backport compatibility issue in CVE-2025-1735 patch - debian/patches/CVE-2025-1735.patch: fix incompatible function call zendstringefree replaced with zendstringfree for PHP 7.0.33 compatibility in ext/pgsql/pgsql.c - CVE-2025-1735...

EUVD-2024-34732

Malicious code in bioql PyPI...

EUVD-2023-28477

Malicious code in bioql PyPI...

CVE-2023-24421

Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...

CVE-2012-6707

WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a...

Fedora 40 : php-bartlett-PHP-CompatInfo (2024-727ecb90c7)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-727ecb90c7 advisory. bartlett/php-compatinfo-db 6.12.0 - 2024-10-29 Added - db:show command is now able to display deprecations on all components - PHP 8.2.25 support - PHP 8.3.1...

Fedora 39 : php-bartlett-PHP-CompatInfo (2024-e7bb8bc2da)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-e7bb8bc2da advisory. bartlett/php-compatinfo-db 6.12.0 - 2024-10-29 Added - db:show command is now able to display deprecations on all components - PHP 8.2.25 support - PHP 8.3.1...

Fedora 38 : php-phpmailer6 (2023-e51479556c)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-e51479556c advisory. Minor security note The DSN support added in 6.8.0 reflects the DSN back to the user in an error message if it is invalid. If a DSN uses user-supplied input ...

CVE-2023-24421

Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...

CVE-2023-24421

Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...

CVE-2023-24421 WordPress PHP Compatibility Checker Plugin <= 1.5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...

CVE-2023-24421

CVE-2023-24421 refers to a Cross-Site Request Forgery (CSRF) vulnerability in the WP Engine PHP Compatibility Checker plugin, affected versions

WordPress Plugin PHP Compatibility Checker 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

PT-2023-19582 · Wp Engine · Wp Engine Php Compatibility Checker

Name of the Vulnerable Software and Affected Versions: WP Engine PHP Compatibility Checker plugin versions = 1.5.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions...

MGASA-2023-0049 Updated phpmyadmin packages fix security vulnerability

Security fix for an XSS vulnerability in the drag-and-drop upload functionality PMASA-2023-01 Additional bugfixes including - issue 17506 Fix error when configuring 2FA without XMLWriter or Imagick issue 17519 Fix Export pages not working in certain conditions issue 17121 Fix passwordhash functio...

OPENSUSE-SU-2022:0132-1 Security update for php-composer

This update for php-composer fixes the following issues: php-composer was updated to version 1.10.26: Security: Fixed command injection vulnerability in HgDriver/GitDriver: CVE-2022-24828 boo1198494 Update to version 1.10.25 Fix regression with PHP 8.1.0 and 8.1.1 Update to version 1.10.24 Fixed...

MGASA-2019-0053 Updated php-tcpdf packages fix security vulnerabilities

Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data. - Merge various fixes for PHP 7.3 compatibility and security...

MGASA-2018-0463 Updated roundcubemail packages fix security vulnerability & bugs

This is a service release to update the stable version 1.3 of Roundcube Webmail. It contains fixes to several bugs backported from the master branch including a security fix for a reported XSS vulnerability in handling invalid style tag content plus updates to ensure compatibility with PHP 7.3 an...