8314 matches found

Positive Technologies
added 2024/04/29 12:0 a.m. · 5 views

PT-2024-25265 · Hisiphp · Hisiphp

Name of the Vulnerable Software and Affected Versions: hisiphp version 2.0.111 Description: An issue in hisiphp allows a remote attacker to execute arbitrary code via a crafted script to the SystemPlugins::mkInfo parameter in the SystemPlugins.php component. Recommendations: For hisiphp version...

9.8 CVSS · 8 AI score · 0.01349 EPSS
Exploits 1 · References 5

Oracle linux
added 2024/04/29 12:0 a.m. · 380 views

container-tools:ol8 security and bug fix update

aardvark-dns buildah 1:1.31.5-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.31 https://github.com/containers/buildah/commit/5fd539c - Resolves: RHEL-26772 1:1.31.3-3 - Make the module buildable again - Resolves: RHEL-16299 1:1.31.3-2 - Rebuild with golan...

8.6 CVSS · 7.3 AI score · 0.01137 EPSS
Exploits 0

Oracle linux
added 2024/04/29 12:0 a.m. · 374 views

container-tools:4.0 security update

buildah 1.24.7-1 - bump to v1.24.7 - Resolves: RHEL-26767 cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp oci-seccomp-bpf-hook podman python-podman runc 1.1.12-1.0.1 - rebuild with golang 1.20.12 for CVE-2023-39326 skopeo...

8.6 CVSS · 6.9 AI score · 0.01208 EPSS
Exploits 0

Tenable Nessus
added 2024/04/29 12:0 a.m. · 63 views

RHEL 8 : Jenkins and Jenkins-2-plugins (RHSA-2024:0778)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0778 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8 CVSS · 7.7 AI score · 0.99999 EPSS
Exploits 94 · References 80

Positive Technologies
added 2024/04/29 12:0 a.m. · 5 views

PT-2024-25413 · Real Big Plugins · Real Big Plugins Client Dash

Name of the Vulnerable Software and Affected Versions: Real Big Plugins Client Dash versions 2.2.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in Real Big Plugins Client Dash. Recommendations: For versions 2.2.1 and earlier, update to a version later tha...

5.3 CVSS · 6.5 AI score · 0.00524 EPSS
Exploits 0 · References 5

Tenable Nessus
added 2024/04/28 12:0 a.m. · 33 views

RHEL 8 : OpenShift Container Platform 4.10.58 (RHSA-2023:1866)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1866 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

9.8 CVSS · 7.7 AI score · 0.99931 EPSS
Exploits 41 · References 9

Tenable Nessus
added 2024/04/28 12:0 a.m. · 32 views

RHEL 7 / 8 : OpenShift Container Platform 4.10.56 (RHSA-2023:1655)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1655 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

9.8 CVSS · 7.7 AI score · 0.99931 EPSS
Exploits 45 · References 23

Positive Technologies
added 2024/04/28 12:0 a.m. · 6 views

PT-2024-25407 · Toast Plugins · Toast Plugins Sticky Anything

Name of the Vulnerable Software and Affected Versions: Toast Plugins Sticky Anything versions through 2.1.5 Description: A Cross-Site Request Forgery (CSRF) issue in Toast Plugins Sticky Anything allows Cross-Site Scripting (XSS). Recommendations: For versions through 2.1.5, update to a version later...

7.1 CVSS · 6.6 AI score · 0.00185 EPSS
Exploits 0 · References 4

Tenable Nessus
added 2024/04/28 12:0 a.m. · 51 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3299)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3299 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8 CVSS · 7.9 AI score · 0.99931 EPSS
Exploits 52 · References 35

Tenable Nessus
added 2024/04/28 12:0 a.m. · 44 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0776)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0776 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8 CVSS · 7.8 AI score · 0.99999 EPSS
Exploits 91 · References 50

Tenable Nessus
added 2024/04/28 12:0 a.m. · 40 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3198 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.9 CVSS · 8.1 AI score · 0.99931 EPSS
Exploits 52 · References 48

Tenable Nessus
added 2024/04/28 12:0 a.m. · 25 views

RHEL 7 : gstreamer1-plugins-bad-free (RHSA-2024:0013)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0013 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a...

8.8 CVSS · 7.8 AI score · 0.01744 EPSS
Exploits 0 · References 4

Tenable Nessus
added 2024/04/28 12:0 a.m. · 52 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3622)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3622 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8 CVSS · 6.8 AI score · 0.04031 EPSS
Exploits 3 · References 21

Tenable Nessus
added 2024/04/28 12:0 a.m. · 38 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3663)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3663 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.6 CVSS · 7.4 AI score · 0.08689 EPSS
Exploits 7 · References 36

Tenable Nessus
added 2024/04/28 12:0 a.m. · 44 views

RHEL 8 : Red Hat Product OCP Tools 4.11 Openshift Jenkins (RHSA-2023:6171)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6171 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.8 CVSS · 7.9 AI score · 0.99931 EPSS
Exploits 48 · References 12

Cvelist
added 2024/04/26 9:29 a.m. · 28 views

CVE-2024-3682 WP STAGING <= 3.4.3 and WP STAGING Pro <= 5.4.3 - Sensitive Information Exposure via Log File

The WP STAGING and WP STAGING Pro plugins for WordPress are vulnerable to Sensitive Information Exposure in versions up to, and including, 3.4.3, and versions up to, and including, 5.4.3, respectively, via the ajaxSendReport function. This makes it possible for unauthenticated attackers to extrac...

5.3 CVSS · 5.3 AI score · 0.00581 EPSS
Exploits 0 · References 4

WPVulnDB
added 2024/04/24 12:0 a.m. · 14 views

FOX – Currency Switcher Professional for WooCommerce < 1.4.1.9 - Unauthenticated Arbitrary Shortcode Execution

Description The FOX – Currency Switcher Professional for WooCommerce plugin is vulnerable to Unauthenticated Arbitrary Shortcode Execution in versions up to, and including, 1.4.1.8. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on...

6.5 CVSS · 8 AI score · 0.01032 EPSS
Exploits 0 · References 1 · Affected Software 1

Fedora
added 2024/04/19 9:41 p.m. · 12 views

[SECURITY] Fedora 40 Update: editorconfig-0.12.7-1.fc40

EditorConfig makes it easy to maintain the correct coding style when switching between different text editors and between different projects. The EditorConfig project maintains a file format and plugins for various text editors which allow this file format to be read and used by those editors...

7.1 AI score
Exploits 0

Fedora
added 2024/04/19 2:53 a.m. · 13 views

[SECURITY] Fedora 38 Update: editorconfig-0.12.7-1.fc38

EditorConfig makes it easy to maintain the correct coding style when switching between different text editors and between different projects. The EditorConfig project maintains a file format and plugins for various text editors which allow this file format to be read and used by those editors...

7.1 AI score
Exploits 0

vulnersOsv
added 2024/04/17 6:25 p.m. · 3 views

com.charlyghislain.keycloak:keycloak-importexport (=21.0.0), com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11) +79 more potentially affected by CVE-2023-6787 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=22.0.1)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =0.3.0-20.0.1, =0.4.5-20.0.2, =1.0.1, =1.3.2, =1.3.6 - io.github.jeff-tian:keycloak-phone-provider =2.3.10 and more Source cves: CVE-2023-6787 Source advisor...

8.8 CVSS · 6.5 AI score · 0.00744 EPSS
Exploits 0