[SECURITY] Fedora 35 Update: mingw-gstreamer1-plugins-base-1.19.3-1.fc35

GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...

[SECURITY] Fedora 34 Update: remmina-1.4.21-1.fc34

Remmina is a remote desktop client written in GTK+, aiming to be useful for system administrators and travelers, who need to work with lots of remote computers in front of either large monitors or tiny net-books. Remmina supports multiple network protocols in an integrated and consistent user...

Design/Logic Flaw

A vulnerability was discovered in the Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.8.4, Zoom Client for Meetings for Blackberry for Android and iOS before version 5.8.1, Zoom Client for Meetings for intune for Android and iOS before version 5.8.4, Zoom...

CVE-2021-24703 Download Plugin < 1.6.1 - Subscriber+ Arbitrary Plugin Activation

The Download Plugin WordPress plugin before 1.6.1 does not have capability and CSRF checks in the dpwappluginactivate AJAX action, allowing any authenticated users, such as subscribers, to activate plugins that are already installed...

CVE-2021-43557

The uri-block plugin in Apache APISIX before 2.10.2 uses $requesturi without verification. The $requesturi is the full original request URI without normalization. This makes it possible to construct a URI to bypass the block list on some occasions. For instance, when the block list contains...

Design/Logic Flaw

CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, which could result...

Hardcoded credentials

CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter ACF module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result ...

[SECURITY] Fedora 35 Update: remmina-1.4.21-1.fc35

Remmina is a remote desktop client written in GTK+, aiming to be useful for system administrators and travelers, who need to work with lots of remote computers in front of either large monitors or tiny net-books. Remmina supports multiple network protocols in an integrated and consistent user...

VulnCheck KEV: CVE-2021-24981

The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cross-Site Request Forgery to Remote File Upload leading to arbitrary PHP shell uploads in the wp-content/plugins directory...

Mozilla Firefox Security Advisory (MFSA2011-38) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

@jpinkney/plugin (>=0.0.1-1583345065 <=0.0.1-1583345396), @popcornsar/che-theia-plugin-ext (=7.4.0) +14 more potentially affected by CVE-2021-41038 via @theia/plugin-ext (>=0.10.0-next.a2cdb337 <=1.18.0-next.99)

@theia/plugin-ext NPM version =0.10.0-next.a2cdb337, =0.0.1-1583345065, =0.7.0-next.2011dfb2, =0.8.0, =0.3.12, =0.13.0, =0.7.0-next.2011dfb2, =0.17.0-next.0d7566df, =0.0.17, =0.0.6, =0.0.6, =0.0.6, =0.0.6, =0.0.19 and more Source cves: CVE-2021-41038 Source advisory: OSV:GHSA-W6V7-W58J-PG5R...

Huawei EulerOS: Security Advisory for gstreamer1-plugins-base (EulerOS-SA-2021-2686)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gstreamer1-plugins-base (EulerOS-SA-2021-2711)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : gstreamer1-plugins-base (EulerOS-SA-2021-2711)

According to the versions of the gstreamer1-plugins-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. CVE-2021-3522 Note that Tenable...

EulerOS 2.0 SP9 : gstreamer1-plugins-base (EulerOS-SA-2021-2686)

According to the versions of the gstreamer1-plugins-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. CVE-2021-3522 Note that Tenable...

dnf security and bug fix update

An update is available for dnf-plugins-core, dnf, libdnf. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list dnf is a package manager that allows users to manage...

ALBA-2021:4350 setroubleshoot-plugins bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

setroubleshoot-plugins bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

setroubleshoot-plugins bug fix and enhancement update

An update is available for setroubleshoot-plugins. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

container-tools:3.0 security and bug fix update

An update is available for fuse-overlayfs, container-selinux, udica, runc, toolbox, podman, conmon, skopeo, crun, libslirp, oci-seccomp-bpf-hook, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS...