PT-2025-43404

Name of the Vulnerable Software and Affected Versions OpenBao versions 2.2.0 through 2.4.1 Description OpenBao, an open source identity-based secrets management system, experienced a regression in its audit log functionality. Raw HTTP bodies from certain endpoints were not properly redacted,...

Ubuntu: Security Advisory (USN-7827-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2025-43235

Name of the Vulnerable Software and Affected Versions e-plugins Directory Pro versions through 2.5.5 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a Reflected Cross-site Scripting XSS condition. This allows an attacker ...

CLSA-2025-1761082098 Fix CVE(s): CVE-2022-0547

SECURITY UPDATE: Authentication bypass in external authentication plug-ins with only partially correct credentials - debian/patches/CVE-2022-0547.patch: disallow multiple deferred authentication plug-ins - CVE-2022-0547 Update sample keys for testing - debian/sample-keys/ - debian/rules -...

BambuStudio 安全漏洞

BambuStudio is a Bambu Lab open source software that connects BambuLab to other 3D printers. A security vulnerability exists in BambuStudio version 2.1.1.52 and prior versions, which stems from the loading of a web plug-in at application startup without verifying the digital signature or...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : GStreamer Base Plugins vulnerabilities (USN-7827-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7827-1 advisory. Shaun Mirani discovered that GStreamer Base Plugins did not correctly handle certain memory operations. An attacker could possibl...

USN-7827-1: GStreamer Base Plugins vulnerabilities

Shaun Mirani discovered that GStreamer Base Plugins did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service...

USN-7827-1 gst-plugins-base1.0 vulnerabilities

Shaun Mirani discovered that GStreamer Base Plugins did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service...

openSUSE Security Advisory (SUSE-SU-2025:03629-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WhatWeb Scanner 0.6.3

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems CMS, blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different...

[SECURITY] Fedora 42 Update: complyctl-0.1.0-1.fc42

complyctl leverages OSCAL to perform compliance assessment activities, using plugins for each stage of the life-cycle...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gstreamer-plugins-rs (SUSE-SU-2025:03629-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03629-1 advisory. Update to version 0.12.11 jscPED-13826: - CVE-2024-32650: Fixed infinite loop in...

Security update for gstreamer-plugins-rs

This update for gstreamer-plugins-rs fixes the following issues: Update to version 0.12.11 jscPED-13826: CVE-2024-32650: Fixed infinite loop in rustls::conn::ConnectionCommon:completeio with proper client input bsc1223219. Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2025:03629-1 Security update for gstreamer-plugins-rs

This update for gstreamer-plugins-rs fixes the following issues: Update to version 0.12.11 jscPED-13826: - CVE-2024-32650: Fixed infinite loop in rustls::conn::ConnectionCommon:completeio with proper client input bsc1223219...

Wordfence Intelligence Weekly WordPress Vulnerability Report (October 6, 2025 to October 12, 2025)

Calling all Vulnerability Researchers and Bug Bounty Hunters! Operation: Maximum Impact Challenge ! Now through November 10, 2025, earn 2X bounty rewards forall in-scope submissions in software with at least 5,000 active installs and fewer than 5 million active installs. Bounties up to $31,200 pe...

CVE-2025-10849

The Felan Framework plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'processpluginactions' function called via an AJAX action in versions up to, and including, 1.1.4. This makes it possible for unauthenticated attackers to activate ...

org.opensearch.dataprepper.plugins:otel-trace-group-processor (>=2.12.0 <=2.12.1) potentially affected by CVE-2025-62371 via org.opensearch.dataprepper.plugins:opensearch (>=2.12.0 <=2.12.1)

org.opensearch.dataprepper.plugins:opensearch MAVEN version =2.12.0, =2.12.0, =2.12.1 Source cves: CVE-2025-62371 Source advisory: OSV:GHSA-43FF-RR26-8HX4...

org.opensearch.dataprepper.plugins:otel-trace-group-processor (>=2.12.0 <=2.12.1) potentially affected by CVE-2025-62371 via org.opensearch.dataprepper.plugins:opensearch (>=2.12.0 <=2.12.1)

org.opensearch.dataprepper.plugins:opensearch MAVEN version =2.12.0, =2.12.0, =2.12.1 Source cves: CVE-2025-62371 Source advisory: SNYK:JAVA-ORGOPENSEARCHDATAPREPPERPLUGINS-13561982...

EUVD-2025-34680

OpenSearch Data Prepper plugins trust all SSL certificates by default...

Improper Certificate Validation

Overview org.opensearch.dataprepper.plugins:kafka-plugins is a Data Prepper project: kafka-plugins Affected versions of this package are vulnerable to Improper Certificate Validation in the SSL certificate validation process when the cert parameter is not explicitly provided. An attacker can...