SUSE-SU-2025:0067-1 Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: - CVE-2024-47530: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 - CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 - CVE-2024-47539: Fixed an out-of-bounds write in...

Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: CVE-2024-47538: Fixed a stack-buffer overflow in vorbishandleidentificationpacket. bsc1234415 CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. bsc1234450 CVE-2024-47600: Fixed an out-of-bounds read in...

SUSE SLES15: gstreamer-plugins-base / gstreamer-plugins-base-devel / etc (SUSE-SU-2025:0054-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0054-1 advisory. - CVE-2024-47538: Fixed a stack-buffer overflow in vorbishandleidentificationpacket. bsc1234415 - CVE-2024-47835: Fixed a...

SUSE SLES12: gstreamer-plugins-base / gstreamer-plugins-base-devel / etc (SUSE-SU-2025:0052-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0052-1 advisory. - CVE-2024-47538: Fixed a stack-buffer overflow in vorbishandleidentificationpacket. bsc1234415 - CVE-2024-47835: Fixed a NULL-pointer...

SUSE SLED15: gstreamer-plugins-good / gstreamer-plugins-good-32bit / etc (SUSE-SU-2025:0055-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0055-1 advisory. - CVE-2024-47606: Fixed an integer overflows in MP4/MOV demuxer and memory allocator that can le...

SUSE: Security Advisory (SUSE-SU-2025:0054-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:0052-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47606: Fixed an integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. boo1234449 CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 CVE-2024-47539: Fixe...

SUSE-SU-2025:0054-1 Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: - CVE-2024-47538: Fixed a stack-buffer overflow in vorbishandleidentificationpacket. bsc1234415 - CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. bsc1234450 - CVE-2024-47600: Fixed an out-of-bounds read in...

Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: CVE-2024-47538: Fixed a stack-buffer overflow in vorbishandleidentificationpacket. bsc1234415 CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. bsc1234450 CVE-2024-47615: Fixed an out-of-bounds write in Ogg...

CVE-2023-28354

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call checknrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NR...

OPENSUSE-SU-2025:14625-1 gstreamer-plugins-base-1.24.11-1.1 on GA media

These are all security issues fixed in the gstreamer-plugins-base-1.24.11-1.1 package on the GA media of openSUSE Tumbleweed...

CBL Mariner 2.0 Security Update: application-gateway-kubernetes-ingress / cert-manager / cf-cli / cni / cni-plugins (CVE-2024-45338)

The version of application-gateway-kubernetes-ingress / cert-manager / cf-cli / cni / cni-plugins installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45338 advisory. - An attacker can craft an input t...

CVE-2024-11826

The Quill Forms | The Best Typeform Alternative | Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'quillforms-popup' shortcode in all versions up to, and including...

CVE-2025-22357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdever Target Notifications target-notifications allows Reflected XSS.This issue affects Target Notifications: from n/a through = 1.1.1...

CVE-2024-56298

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rob @ 5 Star Plugins Pretty Simple Popup Builder pretty-simple-popup-builder allows Stored XSS.This issue affects Pretty Simple Popup Builder: from n/a through = 1.0.9...

CVE-2024-56290

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce different-shipping-and-billing-address-for-woocommerce allows SQL Injection.This issue affects Multiple Shipping And Billing...

CVE-2025-22353

CVE-2025-22353 is a Reflected XSS in Balcom-Vetillo Design, Inc. BVD Easy Gallery Manager for WordPress. Affects BVD Easy Gallery Manager: from n/a through 1.0.6. Root cause: improper neutralization of input during web page generation. Impact per description: XSS in the victim’s browser when view...

CVE-2024-12077 Booking Calendar and Booking Calendar Pro <= Multiple Versions - Reflected Cross-Site Scripting via 'calendar_id'

The Booking Calendar and Booking Calendar Pro plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the ‘calendarid’ parameter in all versions up to, and including, 3.2.19 and 11.2.19 respectively, due to insufficient input sanitization and output escaping. This makes it...

CVE-2024-9502

CVE-2024-9502 : Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations for WordPress is vulnerable to Stored Cross-Site Scripting via the Tooltip module in all versions up to 2.0.6.7 due to insufficient input sanitization and output escaping on us...