openSUSE 16 Security Update : trivy (openSUSE-SU-2026:20191-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20191-1 advisory. Changes in trivy: - Update to version 0.69.0 bsc1255366, CVE-2025-64702: release: v0.69.0 main 9886 chore: bump trivy-checks to v2 9875 choredep...

OPENSUSE-SU-2026:20191-1 Security update for trivy

This update for trivy fixes the following issues: Changes in trivy: - Update to version 0.69.0 bsc1255366, CVE-2025-64702: release: v0.69.0 main 9886 chore: bump trivy-checks to v2 9875 choredeps: bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to 2.4.1 10091 fixrepo: return a nil interfa...

OPENSUSE-SU-2026:10131-1 trivy-0.69.0-1.1 on GA media

These are all security issues fixed in the trivy-0.69.0-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-14338

CVE-2025-14338 describes a Polkit-related race condition affecting authentication checks, tied to InputPlumber and echoing issues from CVE-2025-66005. Affected software/component: Polkit authorization checks in versions before v0.69.0, with the note that Polkit authentication is disabled by defau...

CVE-2025-14338

Polkit authentication dis isabled by default and a race condition in the Polkit authorization check in versions before v0.69.0 can lead to the same issues as in CVE-2025-66005...

CVE-2025-64116

Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0...

CVE-2025-64115

Movary is a web application to track, rate and explore your movie watch history. Versions up to and including 0.68.0 use the HTTP Referer header value directly for redirects in multiple settings endpoints, allowing a crafted link to cause an open redirect to an attacker-controlled site and...

CVE-2025-64116

Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0...

CVE-2025-64116 Movary vulnerable to an open redirect

Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0...

CVE-2025-64116

Movary (a web app for tracking and exploring movie watch history) is affected by CVE-2025-64116. Prior to version 0.69.0, the login page accepts a redirect parameter without validation, enabling open redirect to arbitrary external sites. The issue is fixed in 0.69.0. Affected components: login/re...

CVE-2025-64116 Movary vulnerable to an open redirect

Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0...

EUVD-2025-37042

Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0...

Movary 输入验证错误漏洞

Movary is a movie review program by Lee Peuker Personal Developer. An input validation error vulnerability exists in Movary versions prior to 0.69.0, which stems from the login page not validating the redirection parameter, which could lead to a redirection attack...

PT-2025-44442

Name of the Vulnerable Software and Affected Versions Movary versions prior to 0.69.0 Description Movary, a web application for tracking movie watch history, is susceptible to an open redirect issue. Versions up to and including 0.68.0 directly utilize the HTTP Referer header value for redirects...

CVE-2023-31469 Apache StreamPipes: Privilege escalation through non-admin user

A REST interface in Apache StreamPipes versions 0.69.0 to 0.91.0 was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles. The issue is resolved by upgrading to StreamPipes 0.92.0...

CVE-2023-31469 Apache StreamPipes: Privilege escalation through non-admin user

A REST interface in Apache StreamPipes versions 0.69.0 to 0.91.0 was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles. The issue is resolved by upgrading to StreamPipes 0.92.0...