Lucene search
8311 matches found

Vulnrichment
added 2023/11/30 2:0 p.m. · 9 views

CVE-2023-33333 WordPress Complianz and Complianz Premium plugins - Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS)

Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Scripting (XSS). This issue affects Complianz: from n/a through 6.4.4; Complianz Premium: from n/a through 6.4.6.1...

CVSS 7.1 · AI score 6.5 · EPSS 0.00311
Exploits 0 · References 2

CVE
added 2023/11/30 1:54 p.m. · 42 views

CVE-2023-34030

CVE-2023-34030 is a Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz and Complianz Premium. Affected: Complianz up to 6.4.5 and Complianz Premium up to 6.4.7. Public sources (NVD/NVD-linked) list CVSSv3.1 base scores of 8.8 (HIGH) with network attack vector, no p...

CVSS 8.8 · AI score 8.5 · EPSS 0.00338
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2023/11/30 1:54 p.m. · 24 views

CVE-2023-34030 WordPress Complianz and Complianz Premium plugins - Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Request Forgery. This issue affects Complianz: from n/a through 6.4.5; Complianz Premium: from n/a through 6.4.7...

CVSS 6.5 · AI score 8.9 · EPSS 0.00338
Exploits 0 · References 2

Positive Technologies
added 2023/11/30 12:0 a.m. · 3 views

PT-2023-24302 · Really Simple Plugins · Really Simple Plugins Complianz Premium +1

Name of the Vulnerable Software and Affected Versions:
Really Simple Plugins Complianz versions through 6.4.4
Really Simple Plugins Complianz Premium versions through 6.4.6.1

Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that also allows Cross-Site Scripting (XSS) in...

CVSS 8.8 · AI score 8.3 · EPSS 0.00311
Exploits 0 · References 7

OpenVAS
added 2023/11/30 12:0 a.m. · 25 views

Ubuntu: Security Advisory (USN-6526-1)

The remote host is missing an update for the...

CVSS 8.8 · AI score 7.8 · EPSS 0.02189
Exploits 0 · References 2

OpenVAS
added 2023/11/30 12:0 a.m. · 18 views

Debian: Security Advisory (DLA-3673-1)

The remote host is missing an update for the Debian...

CVSS 8.8 · AI score 9 · EPSS 0.01744
Exploits 0 · References 4

vulnersOsv
added 2023/11/29 9:33 p.m. · 5 views

com.charlyghislain.keycloak:keycloak-importexport (=21.0.0), com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11) +83 more potentially affected by CVE-2022-2232 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=23.0.0)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.1.23, =0.3.0-20.0.1, =0.4.5-20.0.2, =1.0.1, =1.3.2, =1.3.11 and more Source cves: CVE-2022-2232 Source advisory: OSV:GHSA-8HC5-RMGF-QX6P...

CVSS 7.5 · AI score 7.2 · EPSS 0.00642
Exploits 0

vulnersOsv
added 2023/11/29 9:33 p.m. · 3 views

com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.4.10 <=1.4.11) +21 more potentially affected by CVE-2022-2232 via org.keycloak:keycloak-ldap-federation (>=1.0-beta-4 <=23.0.0)

org.keycloak:keycloak-ldap-federation MAVEN version =1.0-beta-4, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =0.1.0, =0.2, =1.0-beta-4, =20.0.0, =20.0.0, =21.1.0, =23.0.0 and more Source cves: CVE-2022-2232 Source advisory: OSV:GHSA-8HC5-RMGF-QX6P...

CVSS 7.5 · AI score 7.2 · EPSS 0.00642
Exploits 0

OSV
added 2023/11/29 5:48 p.m. · 5 views

USN-6526-1 gst-plugins-bad1.0 vulnerabilities

It was discovered that GStreamer Bad Plugins incorrectly handled certain media files. A remote attacker could use this issue to cause GStreamer Bad Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 8.8 · AI score 7.4 · EPSS 0.02189
Exploits 0 · References 7

WPVulnDB
added 2023/11/29 12:0 a.m. · 17 views

Multiple Plugins by Trustindex.io <= (Various Versions) - Authenticated (Editor+) Arbitrary File Upload

Description: Multiple plugins for WordPress by Trustindex.io are vulnerable to arbitrary file uploads due to missing file type validation in the /tabs/featurerequest.php file in various versions. This makes it possible for authenticated attackers, with editor-level access and above, to upload...

AI score 7.5 · EPSS 0.00535
Exploits 0 · References 1 · Affected Software 1

OpenVAS
added 2023/11/29 12:0 a.m. · 18 views

SUSE: Security Advisory (SUSE-SU-2023:4596-1)

The remote host is missing an update for the...

CVSS 8.8 · AI score 7.6 · EPSS 0.02009
Exploits 0 · References 5

OpenVAS
added 2023/11/29 12:0 a.m. · 17 views

SUSE: Security Advisory (SUSE-SU-2023:4595-1)

The remote host is missing an update for the...

CVSS 8.8 · AI score 7.6 · EPSS 0.02009
Exploits 0 · References 5

OpenVAS
added 2023/11/29 12:0 a.m. · 21 views

SUSE: Security Advisory (SUSE-SU-2023:4597-1)

The remote host is missing an update for the...

CVSS 8.8 · AI score 7.6 · EPSS 0.02009
Exploits 0 · References 5

OpenVAS
added 2023/11/29 12:0 a.m. · 14 views

SUSE: Security Advisory (SUSE-SU-2023:4594-1)

The remote host is missing an update for the...

CVSS 8.8 · AI score 7.6 · EPSS 0.02009
Exploits 0 · References 5

Tenable Nessus
added 2023/11/29 12:0 a.m. · 27 views

SUSE SLES12: gstreamer-plugins-bad / gstreamer-plugins-bad-devel / etc (SUSE-SU-2023:4597-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4597-1 advisory.
- CVE-2023-40474: Fixed integer overflow causing out of bounds writes when handling invalid uncompressed video (bsc#1215796).
- ...

CVSS 8.8 · AI score 6.8 · EPSS 0.02009
Exploits 0 · References 7

Tenable Nessus
added 2023/11/29 12:0 a.m. · 27 views

SUSE SLES15: gstreamer-plugins-bad / gstreamer-plugins-bad-chromaprint / etc (SUSE-SU-2023:4595-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4595-1 advisory.
- CVE-2023-40474: Fixed integer overflow causing out of bounds writes when handling invalid uncompressed video (bsc#1215796).
- ...

CVSS 8.8 · AI score 6.8 · EPSS 0.02009
Exploits 0 · References 7

Tenable Nessus
added 2023/11/29 12:0 a.m. · 21 views

SUSE SLES15: gstreamer-plugins-bad / gstreamer-plugins-bad-chromaprint / etc (SUSE-SU-2023:4594-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4594-1 advisory.
- CVE-2023-40474: Fixed integer overflow causing out of bounds writes when handling invalid uncompressed video (bsc#1215796).
- ...

CVSS 8.8 · AI score 6.8 · EPSS 0.02009
Exploits 0 · References 7

Tenable Nessus
added 2023/11/29 12:0 a.m. · 32 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : GStreamer Bad Plugins vulnerabilities (USN-6526-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6526-1 advisory. It was discovered that GStreamer Bad Plugins incorrectly handled certain media files. A remote attacker could use this issue ...

CVSS 8.8 · AI score 7.4 · EPSS 0.02189
Exploits 0 · References 7

Tenable Nessus
added 2023/11/29 12:0 a.m. · 26 views

SUSE SLES15: gstreamer-plugins-bad / gstreamer-plugins-bad-devel / etc (SUSE-SU-2023:4596-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4596-1 advisory.
- CVE-2023-40474: Fixed integer overflow causing out of bounds writes when handling invalid uncompressed video (bsc#1215796).
- ...

CVSS 8.8 · AI score 6.8 · EPSS 0.02009
Exploits 0 · References 7

Tenable Nessus
added 2023/11/29 12:0 a.m. · 26 views

Debian dla-3673 : gir1.2-gst-plugins-bad-1.0 - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3673 advisory. Debian LTS Advisory DLA-3673-1 [email protected] https://www.debian.org/lts/security/...

CVSS 8.8 · AI score 7.6 · EPSS 0.01744
Exploits 0 · References 4