RHEL 6 : gstreamer-plugins-bad (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with AES3 audio...
gstreamer1-plugins-base security update
An update is available for gstreamer1-plugins-base. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. GStreamer is a streaming media framework based on graphs of...
389-ds-base enhancement update
An update is available for 389-ds-base. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The ba...
CVE-2024-34825
CVE-2024-34825 is a CSRF vulnerability in the Social Warfare WordPress plugin. The connected sources confirm a CSRF flaw affecting Social Warfare versions up to 4.4.5.1. No concrete exploit details, affected products beyond the plugin name/version range, root-cause analysis, or remediation steps ...
PT-2024-26213 · Unknown +2 · Integration For Pipedrive/Contact Form 7 +3
Name of the Vulnerable Software and Affected Versions: Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms versions 1.2.0 and earlier. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to perform...
hidden-plugin-topicregex (>=0.0.3 <=0.0.4), thelounge-plugin-giphy (>=1.0.1 <=1.0.2) +3 more potentially affected by unknown CVE via thelounge (>=3.0.1 <=4.2.0)
thelounge NPM version =3.0.1, =0.0.3, =1.0.1, =1.0.2, =1.4.3, =1.4.2, =1.6.0 Source cves: unknown CVE Source advisory: OSV:GHSA-G49Q-JW42-6X85...
Malicious code in bot-login-plugins (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 466263e8cbd2152f68613171597ebbfc45204feb62846eea580ccd128e30f498 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1343 Malicious code in bot-login-plugins (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 466263e8cbd2152f68613171597ebbfc45204feb62846eea580ccd128e30f498 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
WordPress plugin security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exist...
container-tools:4.0 security update
An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.fuse-overlayfs, runc, criu, module.toolbox, module.container-selinux,...
container-tools:rhel8 security and bug fix update
An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.netavark, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.aardvark-dns, module.fuse-overlayfs, runc, criu, aardvark-dns,...
Oracle Linux 9 : containernetworking-plugins (ELSA-2024-2272)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2272 advisory. - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540...
Oracle Linux 9 : gstreamer1-plugins-base (ELSA-2024-2302)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2302 advisory. - CVE-2023-37328: heap overwrite in subtitle parsing Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...
Oracle Linux 9 : gstreamer1-plugins-good (ELSA-2024-2303)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2303 advisory. - CVE-2023-37327: integer overflow leading to heap overwrite in FLAC image tag handling Tenable has extracted the preceding description block directly from the...
AZL-44187 CVE-2023-37329 affecting package gstreamer1-plugins-base 1.20.0-3
GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may va...
AZL-43777 CVE-2023-37329 affecting package gstreamer1-plugins-base 1.20.0-3
GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may va...
gstreamer1-plugins-base security update
1.22.1-2 - CVE-2023-37328: heap overwrite in subtitle parsing - Resolves: RHEL-19475...
containernetworking-plugins security update
1:1.4.0-2 - rebuild - Related: RHEL-18372 1:1.4.0-1 - update to https://github.com/containernetworking/plugins/releases/tag/v1.4.0 - Related: RHEL-2112 1:1.3.0-5 - fix path to dhcp service - Resolves: RHEL-3140 1:1.3.0-4 - add Epoch in Provides - Related: 2176063 1:1.3.0-3 - remove noopenssl for...
gstreamer1-plugins-bad-free security update
1.22.1-4 - CVE-2023-40474: Integer overflow leading to heap overwrite in MXF - CVE-2023-40475: Integer overflow leading to heap overwrite in MXF - CVE-2023-40476: Integer overflow in H.265 video parser - ZDI-CAN-22300: buffer overflow vulnerability - Resolves: RHEL-19501, RHEL-19505, RHEL-19506,...
gstreamer-plugins-bad: Integer overflow in H.265 video parser leading to stack overwrite
A stack-based buffer overflow was found in the GStreamer Plugins Bad when handling malformed files with H.265 video streams. This issue requires user interaction with the library and may allow a malicious user to cause an integer overflow before allocating the buffer, triggering a crash or code...