
8321 matches found

vulnersOsv
added 2025/03/06 12:31 a.m., 4 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1819 more potentially affected by CVE-2025-27624 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.492.1)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2025-27624 Source advisory: OSV:GHSA-7G95-JMG9-H524...

CVSS 5.4, AI score 6, EPSS 0.0041, Exploits 0

vulnersOsv
added 2025/03/06 12:31 a.m., 6 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1819 more potentially affected by CVE-2025-27622 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.492.1)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2025-27622 Source advisory: OSV:GHSA-P34J-R3CH-C985...

CVSS 4.3, AI score 6.9, EPSS 0.00684, Exploits 0

vulnersOsv
added 2025/03/06 12:31 a.m., 11 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1819 more potentially affected by CVE-2025-27625 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.492.1)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2025-27625 Source advisory: OSV:GHSA-8HMV-92WM-39CH...

CVSS 4.3, AI score 5.8, EPSS 0.00581, Exploits 0

Amazon
added 2025/03/06 12:0 a.m., 2 views

Important: gstreamer1-plugins-good

Issue Overview: GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a lar...

CVSS 9.8, AI score 8.1, EPSS 0.01344, Exploits 0

vulnersOsv
added 2025/03/05 11:41 p.m., 5 views

appscanstandard-integration:ibm-security-appscanstandard-scanner (>=1.0 <=2.8), com.cloudbees.jenkins.plugins:additional-identities-plugin (>=109.v2c51a_117a_7b_4 <=141.vd9ede1e02477) +496 more potentially affected by CVE-2025-27623 via org.jenkins-ci.main:jenkins-core (>=2.0 <=2.492.1)

org.jenkins-ci.main:jenkins-core MAVEN version =2.0, =1.0, =109.v2c51a117a7b4, =1.155.v3d884c1bdee1, =4050.v8ba69b587c39, =4050.v8ba69b587c39, =1.0.5, =2.0.0, =2.0, =1.0.2, =1.0.0, =2.2.0, =2.0.0, =0.1.0, =0.2.0 and more Source cves: CVE-2025-27623 https://vulners.com/cve/CVE-2025-2...

CVSS 4.3, AI score 6.1, EPSS 0.00298, Exploits 0

vulnersOsv
added 2025/03/05 11:41 p.m., 6 views

appscanstandard-integration:ibm-security-appscanstandard-scanner (>=1.0 <=2.8), com.cloudbees.jenkins.plugins:additional-identities-plugin (>=109.v2c51a_117a_7b_4 <=141.vd9ede1e02477) +496 more potentially affected by CVE-2025-27625 via org.jenkins-ci.main:jenkins-core (>=2.0 <=2.492.1)

org.jenkins-ci.main:jenkins-core MAVEN version =2.0, =1.0, =109.v2c51a117a7b4, =1.155.v3d884c1bdee1, =4050.v8ba69b587c39, =4050.v8ba69b587c39, =1.0.5, =2.0.0, =2.0, =1.0.2, =1.0.0, =2.2.0, =2.0.0, =0.1.0, =0.2.0 and more Source cves: CVE-2025-27625 https://vulners.com/cve/CVE-2025-2...

CVSS 4.3, AI score 5.4, EPSS 0.00581, Exploits 0

SUSE Linux
added 2025/03/05 4:7 p.m., 2 views

Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: CVE-2024-47538: Fixed stack-buffer overflow in vorbis_handle_identification_packet (bsc#1234415). CVE-2024-47835: Fixed NULL-pointer dereference in LRC subtitle parser (bsc#1234450). CVE-2024-47600: Fixed Out-of-bounds read in...

CVSS 7.8, AI score 7.7, EPSS 0.01298, Exploits 2, References 28

OSV
added 2025/03/05 4:7 p.m., 3 views

SUSE-SU-2025:20134-1 Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: - CVE-2024-47538: Fixed stack-buffer overflow in vorbis_handle_identification_packet (bsc#1234415). - CVE-2024-47835: Fixed NULL-pointer dereference in LRC subtitle parser (bsc#1234450). - CVE-2024-47600: Fixed Out-of-bounds read in...

CVSS 9.8, AI score 7.4, EPSS 0.01298, Exploits 2, References 15

NVD
added 2025/03/05 10:15 a.m., 4 views

CVE-2024-5667

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled Featherlight.js JavaScript library versions 1.7.13 to 1.7.14 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4, EPSS 0.00299, Exploits 0, References 3

Vulnrichment
added 2025/03/05 9:21 a.m., 4 views

CVE-2024-5667 Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Featherlight.js JavaScript Library

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled Featherlight.js JavaScript library versions 1.7.13 to 1.7.14 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4, AI score 6, EPSS 0.00299, Exploits 0, References 3

CVE
added 2025/03/05 9:21 a.m., 48 views

CVE-2024-5667

CVE-2024-5667 concerns Stored DOM-Based Cross-Site Scripting via the Featherlight.js library bundled in multiple WordPress plugins. The Connected Documents confirm concrete details: authenticated attackers with contributor+ access can inject scripts that execute on users’ pages. The root cause is...

CVSS 6.4, AI score 6, EPSS 0.00299, Exploits 0, References 3

Cvelist
added 2025/03/05 9:21 a.m., 11 views

CVE-2024-5667 Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Featherlight.js JavaScript Library

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled Featherlight.js JavaScript library versions 1.7.13 to 1.7.14 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4, EPSS 0.00299, Exploits 0, References 3

Tenable Nessus
added 2025/03/05 12:0 a.m., 14 views

Linux Distros Unpatched Vulnerability : CVE-2022-31123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open source observability and data visualization platform. Versions prior to 9.1.8 and 8.5.14 are vulnerable to a bypass in the plugin signature...

CVSS 7.8, AI score 6.8, EPSS 0.00249, Exploits 0, References 3

Tenable Nessus
added 2025/03/05 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2022-31008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link...

CVSS 7.5, AI score 7.1, EPSS 0.00307, Exploits 0, References 3

Tenable Nessus
added 2025/03/05 12:0 a.m., 13 views

RHEL 8 : Red Hat Product OCP Tools 4.14 Openshift Jenkins (RHSA-2025:2221)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2221 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

CVSS 8, AI score 6.7, EPSS 0.15413, Exploits 1, References 12

Tenable Nessus
added 2025/03/05 12:0 a.m., 32 views

RHEL 9 : Red Hat Product OCP Tools 4.16 Openshift Jenkins (RHSA-2025:2219)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2219 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

CVSS 8, AI score 6.7, EPSS 0.15413, Exploits 1, References 12

Tenable Nessus
added 2025/03/05 12:0 a.m., 19 views

RHEL 8 : Red Hat Product OCP Tools 4.13 Openshift Jenkins (RHSA-2025:2222)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2222 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

CVSS 8, AI score 6.7, EPSS 0.15413, Exploits 1, References 12

Tenable Nessus
added 2025/03/05 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2022-0286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa may lead to local denial of service. CVE-2022-0286 Note that Nessus relies on...

CVSS 5.5, AI score 6.2, EPSS 0.00531, Exploits 1, References 2

CNNVD
added 2025/03/03 12:0 a.m., 2 views

WordPress plugin Sports Rankings and Lists Path Traversal Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A path traversal...

CVSS 7.5, AI score 8.9, EPSS 0.00719, Exploits 0, References 3

Tenable Nessus
added 2025/03/03 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2011-2486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if...

CVSS 5, AI score 5.9, EPSS 0.0247, Exploits 0, References 2