Lucene search
8311 matches found

vulnersOsv
added 2023/10/27 3:30 p.m. | 4 views

com.chutneytesting:action-impl (>=2.2.1 <=2.5.1), com.chutneytesting:chutney-junit-engine (>=2.2.1 <=2.5.1) +37 more potentially affected by CVE-2023-46604 via org.apache.activemq:activemq-openwire-legacy (>=5.18.0 <=5.18.2)

org.apache.activemq:activemq-openwire-legacy MAVEN version =5.18.0, =2.2.1, =2.2.1, =2.2.2, =2.2.1, =RC0-0.19.12-2023-10-27, =RC0-0.19.12-2023-10-27, =RC0-0.19.12-2023-10-27, =RC0-0.19.12-2023-10-27, =2.19.1, =5.18.0, =5.18.0, =5.18.0, =5.18.0, =5.18.0, =5.18.0, =5.18.2 and more Source cves:...

CVSS 10 | AI score 7 | EPSS 0.99654
Exploits 31
OSV
added 2023/10/26 1:15 p.m. | 3 views

CVE-2023-46077

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions...

CVSS 6.1 | AI score 5.8 | EPSS 0.00331
Exploits 0 | References 1
NVD
added 2023/10/26 1:15 p.m. | 24 views

CVE-2023-46077

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions...

CVSS 7.1 | AI score 6.2 | EPSS 0.00331
Exploits 0 | References 1
Prion
added 2023/10/26 1:15 p.m. | 23 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions...

CVSS 5.8 | AI score 6 | EPSS 0.00331
Exploits 0 | References 1 | Affected Software 1
CVE
added 2023/10/26 12:8 p.m. | 63 views

CVE-2023-46077

CVE-2023-46077 : Unauthenticated Reflected Cross-Site Scripting in the WordPress plugin The Awesome Feed – Custom Feed (Arrow Plugins) affecting versions ≤ 2.2.5. Public records (Wordfence, Red Hat, Red Hat RHV, NVD mirror) confirm an XSS vulnerability exploitable by unauthenticated users and ind...

CVSS 7.1 | AI score 6 | EPSS 0.00331
Exploits 0 | References 1 | Affected Software 1
Vulnrichment
added 2023/10/26 12:8 p.m. | 10 views

CVE-2023-46077 WordPress The Awesome Feed – Custom Feed Plugin <= 2.2.5 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions...

CVSS 7.1 | AI score 6 | EPSS 0.00331
Exploits 0 | References 1
vulnersOsv
added 2023/10/25 6:32 p.m. | 5 views

com.base2services.jenkins:github-sqs-plugin (>=1.0 <=1.5), com.elasticbox.jenkins-ci.plugins:elasticbox (>=4.0.9 <=4.1.6) +24 more potentially affected by CVE-2023-46650 via com.coravy.hudson.plugins.github:github (>=1.10 <=1.3)

com.coravy.hudson.plugins.github:github MAVEN version =1.10, =1.0, =4.0.9, =1.0-alpha-1, =1.0-alpha-1, =1.0-alpha-1, =1.0.0, =1.0.0, =1.0-alpha-8, =1.0-alpha-4, =0.1-preview-4, =1.0-alpha-1, =1.3.0, =1.0, =0.9.14, =1.36.0, =1.42.2 and more Source cves: CVE-2023-46650 Source advisory:...

CVSS 5.4 | AI score 6 | EPSS 0.00606
Exploits 0
NVD
added 2023/10/25 6:17 p.m. | 32 views

CVE-2022-3699

A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to version 1.3.1.2 and Lenovo Diagnostics prior to version 4.45 that could allow a local user to execute code with elevated privileges...

CVSS 7.8 | AI score 7.8 | EPSS 0.04284
Exploits 4 | References 2
CNNVD
added 2023/10/25 12:0 a.m. | 3 views

gst-plugins-bad security vulnerability

gst-plugins-bad is an open source GStreamer plugin for GStreamer. A security vulnerability exists in versions prior to gst-plugins-bad 1.22.6, which stems from the presence of an integer overflow vulnerability...

CVSS 8.8 | AI score 7 | EPSS 0.01871
Exploits 0 | References 8
CNNVD
added 2023/10/25 12:0 a.m. | 2 views

gst-plugins-bad security vulnerability

gst-plugins-bad is an open source GStreamer plugin for GStreamer. A security vulnerability exists in versions prior to gst-plugins-bad 1.22.6, which stems from the presence of an integer overflow vulnerability...

CVSS 8.8 | AI score 7 | EPSS 0.01871
Exploits 0 | References 7
CNNVD
added 2023/10/25 12:0 a.m. | 2 views

gst-plugins-bad security vulnerability

gst-plugins-bad is an open source GStreamer plugin for GStreamer. A security vulnerability exists in versions prior to gst-plugins-bad 1.22.6, which stems from the presence of an integer overflow vulnerability...

CVSS 8.8 | AI score 7 | EPSS 0.02009
Exploits 0 | References 6
Tenable Nessus
added 2023/10/25 12:0 a.m. | 32 views

Debian DSA-5533-1 : gst-plugins-bad1.0 - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5533 advisory. Multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or...

CVSS 8.8 | AI score 7.5 | EPSS 0.02009
Exploits 0 | References 11
OpenVAS
added 2023/10/25 12:0 a.m. | 23 views

Debian: Security Advisory (DSA-5533-1)

The remote host is missing an update for the Debian...

CVSS 8.8 | AI score 7.5 | EPSS 0.02009
Exploits 0 | References 4
Tenable Nessus
added 2023/10/25 12:0 a.m. | 71 views

Jenkins plugins Multiple Vulnerabilities (2023-10-25)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - High GitHub Plugin 1.37.3 and earlier does not escape the GitHub project URL on the build page when showing changes. This results in a stor...

CVSS 8.1 | AI score 6.1 | EPSS 0.0135
Exploits 0 | References 12
OSV
added 2023/10/24 12:0 a.m. | 25 views

DSA-5533-1 gst-plugins-bad1.0 - security update

Bulletin has no description...

CVSS 8.8 | AI score 7.2 | EPSS 0.02009
Exploits 0
CVE
added 2023/10/22 12:0 a.m. | 126 views

CVE-2023-46303

CVE-2023-46303 affects calibre up to version 6.18.x; the vulnerability is caused by link_to_local_path in ebooks/conversion/plugins/html_input.py, which can cause resources to be added outside the document root by default. This is supported by multiple connected records noting the same issue and ...

CVSS 7.5 | AI score 7.5 | EPSS 0.01352
Exploits 1 | References 3 | Affected Software 1
Cvelist
added 2023/10/22 12:0 a.m. | 23 views

CVE-2023-46303

link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root...

AI score 7.7 | EPSS 0.01352
Exploits 1 | References 2
OSV
added 2023/10/20 8:15 a.m. | 4 views

CVE-2023-4668

The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL parameter. This can allow unauthenticated attackers to extract sensitive data including installed plugins present and active, active theme,...

CVSS 7.5 | AI score 7.1 | EPSS 0.00512
Exploits 0 | References 2
Vulnrichment
added 2023/10/20 7:29 a.m. | 10 views

CVE-2023-4668 Ad Inserter <= 2.7.30 - Unauthenticated Sensitive Information Exposure via ai-debug-processing-fe

The Ad Inserter for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.30 via the ai-debug-processing-fe URL parameter. This can allow unauthenticated attackers to extract sensitive data including installed plugins present and active, active theme,...

CVSS 5.3 | AI score 7.1 | EPSS 0.00512
Exploits 0 | References 2
Fedora
added 2023/10/20 12:42 a.m. | 37 views

[SECURITY] Fedora 38 Update: trafficserver-9.2.3-1.fc38

Traffic Server is a high-performance building block for cloud services. It's more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching...

CVSS 7.5 | AI score 7.5 | EPSS 0.99999
Exploits 19