[SECURITY] Fedora 42 Update: mingw-gstreamer1-plugins-bad-free-1.25.1-3.fc42

GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality...

[SECURITY] Fedora 41 Update: gstreamer1-plugins-bad-free-1.24.11-2.fc41

GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality...

Unveiling Impact of Frequency Components on Membership Inference Attacks for Diffusion Models

Diffusion models have achieved tremendous success in image generation, but they also raise significant concerns regarding privacy and copyright issues. Membership Inference Attacks MIAs are designed to ascertain whether specific data were utilized during a model's training phase. As current MIAs...

CVE-2024-27903

OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service...

CVE-2024-48791

An issue in Plug n Play Camera com.starvedia.mCamView.zwave 5.5.1 allows a remote attacker to obtain sensitive information via the firmware update process...

CVE-2024-48775

An issue in Plug n Play Camera com.ezset.delaney 1.2.0 allows a remote attacker to obtain sensitive information via the firmware update process...

CVE-2024-48770

An issue in Plug n Play Camera com.wisdomcity.zwave 1.1.0 allows a remote attacker to obtain sensitive information via the firmware update process...

CVE-2024-32358

An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function, a different vulnerability than CVE-2024-43033...

CVE-2023-47201

A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

CVE-2023-51790

Cross Site Scripting vulnerability in piwigo v.14.0.0 allows a remote attacker to obtain sensitive information via the lang parameter in the Admin Tools plug-in component...

CVE-2023-28813

An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files...

CVE-2023-3607

A vulnerability was found in kodbox 1.26. It has been declared as critical. This vulnerability affects the function Execute of the file webconsole.php.txt of the component WebConsole Plug-In. The manipulation leads to os command injection. The exploit has been disclosed to the public and may be...

CVE-2023-36161

An issue was discovered in Qubo Smart Plug 10A version HSP02010114SYSTEM-10A, allows attackers to cause a denial of service DoS via Wi-Fi deauthentication...

CVE-2023-0060

The Responsive Gallery Grid WordPress plugin before 2.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...

CVE-2023-27217

A stack-based buffer overflow in the ChangeFriendlyName function of Belkin Smart Outlet V2 F7c063 firmware2.00.11420.OWRT.PVTSNSV2 allows attackers to cause a Denial of Service DoS via a crafted UPNP request...

CVE-2022-2637

Incorrect Privilege Assignment vulnerability in Hitachi Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation.This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.8.0 before 04.9.0...

CVE-2022-4041

Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.8.0 before 04.9.1...

CVE-2022-21827

An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows Citrix Secure Access for Windows 21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM...

CVE-2022-28118

SiteServer CMS v7.x allows attackers to execute arbitrary code via a crafted plug-in...

CVE-2021-29379

An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. Universal Plug and Play UPnP is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target ST field of the SSDP M-SEARCH discover packet. NOTE: This vulnerability on...