11 matches found
Important: Red Hat Security Advisory: multicluster engine for Kubernetes v2.8.6 security update
The multicluster engine for Kubernetes 2.8 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.8 images The multicluster engine for Kubernetes provides the foundational components that are...
CVE-2026-35337
Deserialization of Untrusted Data vulnerability in Apache Storm. Versions Affected: before 2.8.6. Description: When processing topology credentials submitted via the Nimbus Thrift API, Storm deserializes the base64-encoded TGT blob using ObjectInputStream.readObject without any class filtering or...
CVE-2025-67921
CVE-2025-67921: The WordPress theme/plugin Lobo (Lobo – WordPress Portfolio for Freelancers & Agencies) contains an authenticated SQL injection vulnerability. Affected versions are those with
PT-2025-50633
Name of the Vulnerable Software and Affected Versions: EasyImages versions 2.0 through 2.8.6. Description: An arbitrary file upload issue exists in the /admin/manager.php component. This allows attackers to potentially execute arbitrary code by uploading a specially crafted PHP file. Recommendations...
CVE-2025-66527
CVE-2025-66527: WordPress Lobo theme (versions
Fedora 43 : glib2 (2025-bab973d0b9)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-bab973d0b9 advisory. Update to 2.86.2. Fix CVE-2025-13601 or YWH-PGM9867-134. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
CVE-2025-58800
Cross-Site Request Forgery (CSRF) vulnerability in Steve Truman WP Email Template wp-email-template allows Cross Site Request Forgery. This issue affects WP Email Template: from n/a through = 2.8.5...
AZL-66711 CVE-2025-54080 affecting package exiv2 0.28.3-1
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...
CVE-2022-28669
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2023-33321
Missing Authorization vulnerability in Metagauss EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EventPrime: from n/a through 2.8.6...
SUSE-SU-2023:1837-1 Security update for apache2-mod_auth_openidc
This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2022-23527: Fixed open redirect in oidc_validate_redirect_url using tab character (bsc#1206441). - CVE-2023-28625: Fixed NULL pointer dereference when OIDCStripCookies was set and a crafted Cookie header was supplied (bsc#1210073)...