13 matches found
Debian dla-4575 : firefox-esr - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4575 advisory. Debian LTS Advisory DLA-4575-1...
[SECURITY] [DLA 4403-1] tzdata new timezone database
Debian LTS Advisory DLA-4403-1 https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 12, 2025 https://wiki.debian.org/LTS ...
PT-2025-45066
Name of the Vulnerable Software and Affected Versions Everest Forms Pro versions up to and including 1.9.7 Description The Everest Forms Pro plugin for WordPress is susceptible to PHP Object Injection due to deserialization of untrusted input within the mime content type function. This allows...
PT-2023-23840 · Unknown · Rolf Van Gelder Order Your Posts Manually
Name of the Vulnerable Software and Affected Versions: Rolf van Gelder Order Your Posts Manually versions 2.2.5 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection,...
CVE-2023-35938 User access not updated with privilege change in Tuleap
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. When switching from a project visibility that allows restricted users to Private without restricted, restricted users that are project administrators keep this access right. Restricted users tha...
CVE-2021-41179 Two-Factor Authentication not enforced for pages marked as public
Nextcloud is an open-source, self-hosted productivity platform. Prior to Nextcloud Server versions 20.0.13, 21.0.5, and 22.2.0, the Two-Factor Authentication wasn't enforced for pages marked as public. Any page marked as @PublicPage could thus be accessed with a valid user session that isn't...
CVE-2021-21599
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate privileges and escape the compliance guarantees. This only impacts Smartlock WORM compliance mode clusters as a critical...
Command injection
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate privileges and escape the compliance guarantees. This only impacts Smartlock WORM compliance mode clusters as a critical...
CVE-2021-21599
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate privileges and escape the compliance guarantees. This only impacts Smartlock WORM compliance mode clusters as a critical...
[SECURITY] Fedora 21 Update: fedup-0.9.0-2.fc21
fedup is the Fedora Upgrade tool...
[SECURITY] [DSA 1498-1] New libimager-perl packages fix arbitrary code execution
Debian Security Advisory DSA-1498-1 http://www.debian.org/security/ Steve Kemp February 19, 2008 http://www.debian.org/security/faq ...
DSA-995-1 metamail - buffer overflow
Bulletin has no description...
DSA-911-1 gtk+2.0 - several
Bulletin has no description...