RHEL 8 : gstreamer1-plugins-bad-free (RHSA-2025:8981)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:8981 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a...

Amazon Linux 2 : cni-plugins (ALAS-2025-2882)

The version of cni-plugins installed on the remote host is prior to 1.7.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2882 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare...

RHEL 9 : gstreamer1-plugins-bad-free (RHSA-2025:8978)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:8978 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a...

[SECURITY] [DSA 5941-1] gst-plugins-bad1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5941-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 11, 2025 https://www.debian.org/security/faq -...

Security update for rabbitmq-server313

This update for rabbitmq-server313 fixes the following issues: CVE-2025-30219: incorrectly escaped virtual hostname present in error message could lead to XSS attack. bsc1240071 Non-security fixes: Require rabbitmq-server313-plugins rather then rabbitmq-server-plugins. bsc1231656, bsc1234763 Patc...

SUSE-SU-2025:01548-1 Security update for rabbitmq-server313

This update for rabbitmq-server313 fixes the following issues: - CVE-2025-30219: incorrectly escaped virtual hostname present in error message could lead to XSS attack. bsc1240071 Non-security fixes: - Require rabbitmq-server313-plugins rather then rabbitmq-server-plugins. bsc1231656, bsc1234763...

Security Bulletin: Multiple security vulnerabilities in RedHat UBI affect IBM Robotic Process Automation for Cloud Pak

Summary Multiple vulnerabilities in RedHat UBI affect IBM Robotic Process Automation for Cloud Pak. RedHat UBI is used as base imaged for IBM Robotic Process Automation for Cloud Pak images. This bulletin identifies the fixes required to address the vulnerabilites. Vulnerability Details...

DSA-5941-1 gst-plugins-bad1.0 - security update

Bulletin has no description...

Debian dsa-5941 : gir1.2-gst-plugins-bad-1.0 - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5941 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5941-1 [email protected] https://www.debian.org/security/ Moritz...

cn.herodotus.engine:message-spring-boot-starter (>=2.7.3.4 <=3.0.0-M2), com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=4.0.0 <=4.1.1) +232 more potentially affected by CVE-2025-27818 via org.apache.kafka:kafka_2.13 (>=2.4.0 <=3.9.0)

org.apache.kafka:kafka2.13 MAVEN version =2.4.0, =2.7.3.4, =4.0.0, =4.0.0, =4.0.0, =4.0.1, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.7.4-SNAPSHOT-35e64fa - com.bisnode.kafka.authorizat...

Important: cni-plugins

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

Important: cni-plugins

Issue Overview: The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. CVE-2024-24790 The net/http package accepted data in the chunked transfer encoding...

CLSA-2025-1749506165 gstreamer1-plugins-good: Fix of CVE-2024-47544

CVE-2024-47544: fix multiple NULL-pointer dereferences in the MP4/MOV demuxer's CENC handling...

grafana: Cross-site Scripting (XSS) in Grafana via Custom Frontend Plugins and Open Redirect

A flaw was found in Grafana's custom frontend plugin handling. This vulnerability allows an attacker to perform a cross-site scripting XSS attack by exploiting a client path traversal and an open redirect issue, leading to arbitrary JavaScript execution and potential user redirection to malicious...

grafana: Cross-site Scripting (XSS) in Grafana via Custom Frontend Plugins and Open Redirect

A flaw was found in Grafana's custom frontend plugin handling. This vulnerability allows an attacker to perform a cross-site scripting XSS attack by exploiting a client path traversal and an open redirect issue, leading to arbitrary JavaScript execution and potential user redirection to malicious...

grafana: Cross-site Scripting (XSS) in Grafana via Custom Frontend Plugins and Open Redirect

A flaw was found in Grafana's custom frontend plugin handling. This vulnerability allows an attacker to perform a cross-site scripting XSS attack by exploiting a client path traversal and an open redirect issue, leading to arbitrary JavaScript execution and potential user redirection to malicious...

grafana: Cross-site Scripting (XSS) in Grafana via Custom Frontend Plugins and Open Redirect

A flaw was found in Grafana's custom frontend plugin handling. This vulnerability allows an attacker to perform a cross-site scripting XSS attack by exploiting a client path traversal and an open redirect issue, leading to arbitrary JavaScript execution and potential user redirection to malicious...

grafana: Cross-site Scripting (XSS) in Grafana via Custom Frontend Plugins and Open Redirect

A flaw was found in Grafana's custom frontend plugin handling. This vulnerability allows an attacker to perform a cross-site scripting XSS attack by exploiting a client path traversal and an open redirect issue, leading to arbitrary JavaScript execution and potential user redirection to malicious...

grafana: Cross-site Scripting (XSS) in Grafana via Custom Frontend Plugins and Open Redirect

A flaw was found in Grafana's custom frontend plugin handling. This vulnerability allows an attacker to perform a cross-site scripting XSS attack by exploiting a client path traversal and an open redirect issue, leading to arbitrary JavaScript execution and potential user redirection to malicious...

grafana: Cross-site Scripting (XSS) in Grafana via Custom Frontend Plugins and Open Redirect

A flaw was found in Grafana's custom frontend plugin handling. This vulnerability allows an attacker to perform a cross-site scripting XSS attack by exploiting a client path traversal and an open redirect issue, leading to arbitrary JavaScript execution and potential user redirection to malicious...