8311 matches found
SUSE SLES15 / openSUSE 15 Security Update : cni-plugins (SUSE-SU-2023:3816-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:3816-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
SUSE: Security Advisory (SUSE-SU-2023:3801-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2023:3802-1)
The remote host is missing an update for the...
SUSE SLES15 / openSUSE 15 Security Update : gstreamer-plugins-base (SUSE-SU-2023:3801-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3801-1 advisory. - GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. (CVE-2021-3522) - Integer...
SUSE SLES15 Security Update : gstreamer-plugins-bad (SUSE-SU-2023:3802-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3802-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
SUSE-SU-2023:3816-1 Security update for cni-plugins
This update of cni-plugins fixes the following issues: - rebuild the package with the go 1.21 security release (bsc#1212475)...
SUSE-SU-2023:3802-1 Security update for gstreamer-plugins-bad
This update for gstreamer-plugins-bad fixes the following issues: - CVE-2023-37329: Fixed a heap overwrite in PGS subtitle overlay decoder (bsc#1213126)...
SUSE-SU-2023:3801-1 Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: - CVE-2023-37327: Fixed FLAC file parsing integer overflow (bsc#1213128). - CVE-2023-37328: Fixed PGS file parsing heap-based buffer overflow (bsc#1213131). - CVE-2021-3522: Fixed frame size check and potential invalid reads (bsc#1185448)...
PT-2023-36268 · Unknown · Cni-Plugins
Name of the Vulnerable Software and Affected Versions: cni-plugins (affected versions not specified). Description: The issue is related to the rebuild of the cni-plugins package with the go 1.21 security release. Recommendations: At the moment, there is no information about a newer version that...
Jenkins Plugins Multiple Vulnerabilities (2023-09-20)
According to its self-reported version number, the version of Jenkins plugins running on the remote web server is affected by multiple vulnerabilities: - Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not escape Failure Cause names in build logs, resulting in a stored cross-site...
Wordfence Intelligence Weekly WordPress Vulnerability Report (September 11, 2023 to September 17, 2023)
Last week, there were 55 vulnerabilities disclosed in 46 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 15 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities ...
SUSE: Security Advisory (SUSE-SU-2023:3688-1)
The remote host is missing an update for the...
SUSE SLES15 Security Update : gstreamer-plugins-good (SUSE-SU-2023:3688-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3688-1 advisory. - GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files...
SUSE-SU-2023:3688-1 Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: - CVE-2021-3497: Matroskademux: Fix extraction of multichannel WavPack (bsc#1184739). - CVE-2022-1920: Fixed integer overflow in WavPack header handling code (bsc#1201688). - CVE-2022-1921: Fixed integer overflow resulting in heap...
0x.plugin.bom:zero-x-plugin-bom (>=0.0.10 <=1.1.0), app.ariadust.dendrobium:app.ariadust.dendrobium.gradle.plugin (>=1.0.0 <=1.0.4) +1543 more potentially affected by CVE-2023-4759 via org.eclipse.jgit:org.eclipse.jgit (>=6.0.0.202111291000-r <=6.6.0.202305301015-r)
org.eclipse.jgit:org.eclipse.jgit MAVEN version =6.0.0.202111291000-r, =0.0.10, =1.0.0, =1.0, =1.0, =2.0, =1.0, =1.0, =3.0, =3.0, =1.0, =3.26.0, =3.26.0, =4.27.0 and more Source cves: CVE-2023-4759 https://vulners.co...
at.molindo:git-commit-id-plugin (=2.1.10-alpha-1), at.nonblocking:nonsnapshot-maven-plugin (=3.0.1) +4141 more potentially affected by CVE-2023-4759 via org.eclipse.jgit:org.eclipse.jgit (>=1.2.0.201112221803-r <=5.13.2.202306221912-r)
org.eclipse.jgit:org.eclipse.jgit MAVEN version =1.2.0.201112221803-r, =2.0.0, =2.0.4, =0.1.1, =0.1.1, =2.0.0, =0.0.1, =0.2.8, =1.5.6 - br.com.sabium.gradle-bump:br.com.sabium.gradle-bump.gradle.plugin =1.0.1 and more Source cves: CVE-2023-4759 Source advisory: OSV:GHSA-3P86-9955-H393...
AffiliateWP < 2.14.1 - Subscriber+ Arbitrary Plugin Activation
Description: The theme does not have authorisation and CSRF checks when activating plugins via an AJAX action, allowing any authenticated user, such as a subscriber, to activate arbitrary plugins...
OESA-2023-1627 rubygem-railties security update
Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible for gluing all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manages the rails command line interface; provides the Rails generators core. Security Fixes:...
Heap-based Buffer Overflow
Overview: ImageResizer.Plugins.FreeImage contains several plugins, all based around the abilities offered by the C/C++ FreeImage library. These plugins are alpha-level. Affected versions of this package are vulnerable to Heap-based Buffer Overflow when the...
ch.admin.bit.jeap:jeap-spring-boot-security-starter-it (>=17.16.0 <=17.24.1), ch.mobi.mobitor:mobitor-plugins-test (>=3.1.171 <=3.1.483) +50 more potentially affected by CVE-2023-41329 via com.github.tomakehurst:wiremock-jre8-standalone (>=2.23.2 <=2.35.0)
com.github.tomakehurst:wiremock-jre8-standalone MAVEN version =2.23.2, =17.16.0, =3.1.171, =1.0.7, =1.13.3, =1.0.0, =2.4.4, =6.7.7, =8.1.0, =6.7.7, =9.0.1, =8.5.0, =9.1.18 - de.muenchen.oss.digiwf:digiwf-coverage =1.3.0 and more Source cves: CVE-2023-41329 Source advisory: OSV:GHSA-PMXQ-PJ47-J8J4...