CVE-2021-38561 affecting package containernetworking-plugins for versions less than 1.6.1-4
CVE-2021-38561 affecting package containernetworking-plugins for versions less than 1.6.1-4. An upgraded version of the package is available that resolves this issue...
CVE-2024-9645
The Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry WordPress plugin before 2.2.93 does not validate and escape some of its block options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform...
CVE-2023-2334
The edd-google-sheet-connector-pro WordPress plugin before 1.4, Easy Digital Downloads Google Sheet Connector WordPress plugin before 1.6.6 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a...
CVE-2024-6712 MapFig Studio <= 0.2.1 - Stored XSS via CSRF
The MapFig Studio WordPress plugin through 0.2.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-10076 Jetpack < 13.8, Boost < 3.4.8 - Contributor+ Stored XSS
The Jetpack WordPress plugin before 13.8, Jetpack Boost WordPress plugin before 3.4.8 use regexes in the Site Accelerator features when switching image URLs to their CDN counterpart. Unfortunately, some of them may match patterns it shouldn’t, ultimately making it possible for contributor and abo...
Important: Red Hat Security Advisory: Red Hat Developer Hub 1.6.0 release.
Red Hat Developer Hub 1.6.0 has been released. Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single...
Security update for rabbitmq-server313
This update for rabbitmq-server313 fixes the following issues: CVE-2025-30219: incorrectly escaped virtual hostname present in error message could lead to XSS attack. bsc1240071 Non-security fixes: Require rabbitmq-server313-plugins rather than rabbitmq-server-plugins. bsc1231656, bsc1234763 Patc...
Jenkins plugins Multiple Vulnerabilities (2025-05-14)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Critical In WSO2 Oauth Plugin 1.0 and earlier authentication claims are accepted without validation by the WSO2 Oauth security realm. This...
RHSA-2025:7242 Red Hat Security Advisory: gstreamer1-plugins-good security update
Bulletin has no description...
RHSA-2025:7243 Red Hat Security Advisory: gstreamer1-plugins-base security update
Bulletin has no description...
Moderate: Red Hat Security Advisory: gstreamer1-plugins-good security update
An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
gstreamer1-plugins-good: integer underflow in FOURCC_strf parsing leading to OOB-read
A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer can lead to out-of-bounds reads that may cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...
Moderate: Red Hat Security Advisory: gstreamer1-plugins-base security update
An update for gstreamer1-plugins-base is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
RHEL 9 : gstreamer1-plugins-base (RHSA-2025:7243)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7243 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contai...
RHEL 9 : gstreamer1-plugins-good (RHSA-2025:7242)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7242 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contai...
PT-2025-20549 · WordPress · Eucookielaw +1
Name of the Vulnerable Software and Affected Versions: EUCookieLaw plugin for WordPress versions up to and including 2.7.2 Description: The issue allows unauthenticated attackers to read the contents of arbitrary files on the server, potentially containing sensitive information, via the file get...
gstreamer1-plugins-base security update
An update is available for gstreamer1-plugins-base. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. GStreamer is a streaming media framework based on graphs of...
com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=6.1.0 <=6.1.3), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=6.1.0) +3 more potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=6.1.0 <=6.1.1)
org.graylog2:graylog2-server MAVEN version =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.1 Source cves: CVE-2025-46827 Source advisory: SNYK:JAVA-ORGGRAYLOG2-10116752...
org.graylog.plugins:graylog-plugin-parent (>=6.0.0 <=6.0.13), org.graylog.plugins:graylog-plugin-web-parent (>=6.0.0 <=6.0.13) potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=6.0.0 <=6.0.13)
org.graylog2:graylog2-server MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.13 Source cves: CVE-2025-46827 Source advisory: SNYK:JAVA-ORGGRAYLOG2-10116752...
com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=6.1.0 <=6.1.3), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=6.1.0) +3 more potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=6.1.0 <=6.1.1)
org.graylog2:graylog2-server MAVEN version =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.1 Source cves: CVE-2025-46827 Source advisory: OSV:GHSA-76VF-MPMX-777J...