19 matches found
CVE-2026-3299
The WP YouTube Lyte plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lyte' shortcode in all versions up to, and including, 1.7.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2026-3299
The WP YouTube Lyte plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lyte' shortcode in all versions up to, and including, 1.7.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2026-3299
The WP YouTube Lyte plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lyte' shortcode in all versions up to, and including, 1.7.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress WP YouTube Lyte plugin <= 1.7.29 - Authenticated (Contributor+) Stored Cross-Site Scripting via lyte Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via lyte Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP YouTube Lyte versions = 1.7.29...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : containerd (SUSE-SU-2025:4288-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4288-1 advisory. - Update to containerd v1.7.29 - CVE-2024-25621: Fixed an overly broad default permission...
SUSE: Security Advisory (SUSE-SU-2025:4288-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2025:4288-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for containerd
This update for containerd fixes the following issues: Update to containerd v1.7.29 CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. bsc1253132 Patch Instructions: To install...
[SECURITY] Fedora 41 Update: containerd-1.7.29-1.fc41
Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...
SUSE: Security Advisory (SUSE-SU-2025:4072-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for containerd
This update for containerd fixes the following issues: Update to containerd v1.7.29 CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. bsc1253132 Patch Instructions: To install...
SUSE-SU-2025:4072-1 Security update for containerd
This update for containerd fixes the following issues: - Update to containerd v1.7.29 - CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 - CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. bsc1253132...
Missing Release of Memory after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime via the Attach functionality. An attacker can cause excessive memory consumption on the host by repeatedly initiating CRI Attach requests, leading to resource exhaustion due to goroutin...
Incorrect Execution-Assigned Permissions
Overview Affected versions of this package are vulnerable to Incorrect Execution-Assigned Permissions when initialising host directories with 711 and 755 permissions instead of 700. An attacker can gain unauthorized access to sensitive data and potentially escalate privileges by accessing...
EUVD-2021-21223
Malware in sbrugna...
WordPress 360 Javascript Viewer plugin <= 1.7.29 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Yamil in WordPress Plugin 360 Javascript Viewer versions = 1.7.29...
CVE-2021-34573
In Enbra EWM in Version 1.7.29 together with several tested wireless M-Bus Sensors the events backflow and "no flow" are not reconized or misinterpreted. This may lead to wrong values and missing events...
Enbra EWM 安全漏洞
Enbra Ewm is a universal reading device from the Czech company Enbra. It uses a radio to read water meters, heating cost indicators and calorimeters. An access control error vulnerability exists in Enbra EWM version 1.7.29, which originates in Enbra EWM and several tested wireless M-Bus sensors,...
Enbra Ewm数据伪造问题漏洞
Enbra Ewm is a universal reading device from the Czech company Enbra. It uses a radio to read water meters, heating cost indicators and heat meters. Enbra EWM is vulnerable to a data forgery issue in version 1.7.29, which stems from the fact that the software does not check for or detect replay...