RLSA-2025:22760 Important: abrt security update

The Automatic Bug Reporting Tool ABRT recognizes defects in applications and creates bug reports that help maintainers fix the defects. ABRT uses a plug-in system to extend its functionality. Security Fixes: abrt: Command-injection in ABRT leading to local privilege escalation CVE-2025-12744 For...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017699)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017699 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Audit Plug-in. Supported versions that are affected are 5.7.33 and prior and 8.0.23 and...

CLSA-2026-1775145256 gimp: Fix of CVE-2025-2761

CVE-2025-2761: fix out-of-bounds write in FLI plug-in ZDI-CAN-25100...

CLSA-2026-1775144394 gimp: Fix of CVE-2025-2761

CVE-2025-2761: fix out-of-bounds write in FLI plug-in ZDI-CAN-25100...

[SECURITY] Fedora 44 Update: bind-dyndb-ldap-11.11-13.fc44

This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...

CVE-2026-27813

CVE-2026-27813 affects the EVerest EV charging software stack. Versions prior to 2026.02.0 contain a data race that can lead to a use-after-free condition. The issue is triggered by EV plug-in/unplug events and RFID/RemoteStart/OCPP authorization events (or delayed authorization responses). A pat...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gimp (UTSA-2026-006281)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006281 advisory. A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP Despeckle plug-in. The issue occurs due to unchecked multiplication of image dimension...

ROS-20260319-73-0010

A vulnerability in the inforward plug-in of the Fluent Bit logging tool is related to a lack of authentication for a critical function . Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and gain access to the system...

AnythingLLM SQL注入漏洞

AnythingLLM is an all-in-one AI application open-sourced by Mintplex. AnythingLLM SQL injection vulnerability , the vulnerability stems from the built-in SQL proxy plug-in getTableSchemaSql method of the tablename parameter lack of validation of external input SQL statements , an attacker can use...

CVE-2026-24313

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

EUVD-2026-10448

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

CVE-2026-24313

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

CVE-2026-24313 Missing Authorization check in SAP Solution Tools Plug-In (ST-PI)

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

CVE-2026-24313

CVE-2026-24313 affects SAP Solution Tools Plug-In (ST-PI). A function module does not perform proper authorization checks for authenticated users, enabling disclosure of system information. According to the provided documentation, the vulnerability has a low confidentiality impact and does not af...

CVE-2026-24313 Missing Authorization check in SAP Solution Tools Plug-In (ST-PI)

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

Build Numbers and Versions of Veeam Plug-In for HPE Morpheus VM Essentials

This KB article lists all versions of the Veeam Plug-in for HPE Morpheus VM Essentials and their respective worker build numbers. Version | Plug-In / Worker Build | Release Date ---|---|--- Veeam Plug-in for HPE Morpheus VM Essentials 1 Releases Veeam Plug-in for HPE Morpheus VM Essentials 1.1...

SAP Solution Tools Plug-In 安全漏洞

SAP Solution Tools Plug-In is a basic component plugin developed by the German company SAP. There is a security vulnerability in the SAP Solution Tools Plug-In, which stems from the lack of necessary authorization checks for authenticated users. This vulnerability may lead to the disclosure of...

CVE-2026-23681

Due to missing authorization check in a function module in SAP Support Tools Plug-In, an authenticated attacker could invoke specific function modules to retrieve information about the system and its configuration. This disclosure of the system information could assist the attacker to plan...

Exploit for Improper Access Control in Oracle Http_Server

CVE-2026-21962 Concurrent WebLogic Scanner/Exploiter High-per...

CVE-2026-24322

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vulnerability has a high impact on confidentiality and does not affect integrity or availability...