CLSA-2025-1761320397 Fix CVE(s): CVE-2025-1735

SECURITY UPDATE: fix backport compatibility issue in CVE-2025-1735 patch - debian/patches/CVE-2025-1735.patch: fix incompatible function call zendstringefree replaced with zendstringfree for PHP 7.0.33 compatibility in ext/pgsql/pgsql.c - CVE-2025-1735...

EUVD-2024-34732

Malicious code in bioql PyPI...

EUVD-2023-28477

Malicious code in bioql PyPI...

CVE-2023-24421

Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...

CVE-2012-6707

WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a...

Fedora 40 : php-bartlett-PHP-CompatInfo (2024-727ecb90c7)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-727ecb90c7 advisory. bartlett/php-compatinfo-db 6.12.0 - 2024-10-29 Added - db:show command is now able to display deprecations on all components - PHP 8.2.25 support - PHP 8.3.1...

Fedora 39 : php-bartlett-PHP-CompatInfo (2024-e7bb8bc2da)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-e7bb8bc2da advisory. bartlett/php-compatinfo-db 6.12.0 - 2024-10-29 Added - db:show command is now able to display deprecations on all components - PHP 8.2.25 support - PHP 8.3.1...

Fedora 38 : php-phpmailer6 (2023-e51479556c)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-e51479556c advisory. Minor security note The DSN support added in 6.8.0 reflects the DSN back to the user in an error message if it is invalid. If a DSN uses user-supplied input ...

CVE-2023-24421

Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...

CVE-2023-24421

Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...

CVE-2023-24421

CVE-2023-24421 refers to a Cross-Site Request Forgery (CSRF) vulnerability in the WP Engine PHP Compatibility Checker plugin, affected versions

CVE-2023-24421 WordPress PHP Compatibility Checker Plugin <= 1.5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...

WordPress Plugin PHP Compatibility Checker 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

PT-2023-19582 · Wp Engine · Wp Engine Php Compatibility Checker

Name of the Vulnerable Software and Affected Versions: WP Engine PHP Compatibility Checker plugin versions = 1.5.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions...

MGASA-2023-0049 Updated phpmyadmin packages fix security vulnerability

Security fix for an XSS vulnerability in the drag-and-drop upload functionality PMASA-2023-01 Additional bugfixes including - issue 17506 Fix error when configuring 2FA without XMLWriter or Imagick issue 17519 Fix Export pages not working in certain conditions issue 17121 Fix passwordhash functio...

OPENSUSE-SU-2022:0132-1 Security update for php-composer

This update for php-composer fixes the following issues: php-composer was updated to version 1.10.26: Security: Fixed command injection vulnerability in HgDriver/GitDriver: CVE-2022-24828 boo1198494 Update to version 1.10.25 Fix regression with PHP 8.1.0 and 8.1.1 Update to version 1.10.24 Fixed...

MGASA-2019-0053 Updated php-tcpdf packages fix security vulnerabilities

Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data. - Merge various fixes for PHP 7.3 compatibility and security...

MGASA-2018-0463 Updated roundcubemail packages fix security vulnerability & bugs

This is a service release to update the stable version 1.3 of Roundcube Webmail. It contains fixes to several bugs backported from the master branch including a security fix for a reported XSS vulnerability in handling invalid style tag content plus updates to ensure compatibility with PHP 7.3 an...