OPENSUSE-SU-2026:10050-1 rke2-1.34-1.34.3+rke2r1-1.1 on GA media

These are all security issues fixed in the rke2-1.34-1.34.3+rke2r1-1.1 package on the GA media of openSUSE Tumbleweed...

Fedora: Security Advisory (FEDORA-2025-a8059b12d3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 41 Update: cri-o1.34-1.34.1-1.fc41

Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...

OpenPrinting IPPUSBXD 安全漏洞

OpenPrinting IPPUSBXD is a printer daemon in the OpenPrinting open source. A security vulnerability exists in OpenPrinting IPPUSBXD version 1.34, which originates from a stack buffer overflow and could lead to the execution of arbitrary code in privileged services...

PT-2025-33733 · Ippusbxd · Ippusbxd

Name of the Vulnerable Software and Affected Versions: ippusbxd version 1.34 Description: A stack based buffer overflow vulnerability exists in ippusbxd. A specially configured printer supporting IPP-over-USB can cause a buffer overflow, potentially leading to arbitrary code execution within a...

CVE-2024-31265

Cross-Site Request Forgery CSRF vulnerability in SumoMe Sumo.This issue affects Sumo: from n/a through 1.34...

WordPress Sumo plugin <= 1.34 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Friday Patchstack Alliance in WordPress Plugin Sumo versions = 1.34...

CVE-2023-47392

An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request...

WordPress Plugin WP Simple Galleries Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

Important: tar

Issue Overview: GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximate...

SUSE CVE-2010-0012

Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. dot dot in a pathname within a .torrent file...

de.fac2 安全漏洞

de.fac2 is a Javacard applet that implements the Fido U2F token from Bundesamt für Sicherheit in der Informationstechnik in Germany. A security vulnerability exists in de.fac2 version 1.34, which originates from bypassing user protection mechanisms in the presence of malware on the victim's...

MediaWiki Cross-site Scripting (XSS) vulnerability

In MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3, XSS related to jQuery can occur. The attacker creates a message with javascript:payload xss and turns it into a jQuery object with mw.message.parse. The expected result is that the jQuery object does not contain an tag or it does...

PT-2022-20068 · Brave · Brave

Name of the Vulnerable Software and Affected Versions: Brave versions prior to 1.34 Description: The issue occurs when a Private Window with Tor Connectivity is used, causing .onion URLs to leak in Referer and Origin headers. Although this was fixed by Brave, the Brave documentation notes that...

CVE-2020-25827

An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. For Wikis using OATHAuth on a farm/cluster such as via CentralAuth, rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can be made across...

PT-2020-16223 · Wikimedia +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.32.x through 1.34.x before 1.34.4 Description: An issue was discovered where the LogEventList::getFiltersDesc function is insecurely using message text to build options names for an HTML multi-select field. The relevant...

PT-2020-12450 · Wikimedia +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35 MediaWiki versions prior to 1.34.0-rc.0 Description: The issue allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page. This is achieved by exploiting the...

MediaWiki cross-site scripting vulnerability (CNVD-2020-02670)

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. A cross-site scripting vulnerability exists in MediaWiki versions 2019-11-05...

MediaWiki VisualEditor Cross-Site Scripting Vulnerability

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. The product can be used to deploy in-house knowledge management and content management systems.VisualEditor is a rich text editor extension used in it. A cross-site...

ALPINE-CVE-2019-12083

The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the Error::typeid method is overridden then any type can be safely cast to any other type, causing memory safet...