Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2026-098-01)

The version of mozilla-firefox installed on the remote host is prior to 140.9.1esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-098-01 advisory. New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Tenable has...

EUVD-2023-45497

Malicious code in bioql PyPI...

EUVD-2024-2140

Malicious code in bioql PyPI...

Slackware Linux 15.0 / current libxml2 Vulnerability (SSA:2025-251-01)

The version of libxml2 installed on the remote host is prior to 2.11.9 / 2.14.6. It is, therefore, affected by a vulnerability as referenced in the SSA:2025-251-01 advisory. New libxml2 packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the...

CVE-2025-52728

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...

CVE-2023-32069

XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-2 and prior to versions 14.10.4 and 15.0-rc-1, it's possible for a user to execute anything with the right of the author of the XWiki.ClassSheet document. This has been patched in XWiki 15.0-rc-1 and 14.10.4. There are n...

WordPress WP Content Copy Protection & No Right Click (premium) plugin <= 15.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin WP Content Copy Protection & No Right Click premium versions = 15.0...

CVE-2025-0290 Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive...

XWiki 13.2-rc-1 < 14.10.21, 15.0-rc-1 < 15.5.5, 15.6-rc-1 < 15.10.1 Multiple Vulnerabilities

Xwiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

XWiki 1.1.2 < 14.10.21, 15.0 < 15.5.5, 15.6 < 15.10.6 XSS Vulnerability (GHSA-wcg9-pgqv-xm5v)

Xwiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

PT-2024-28781 · Unknown · Com.Cascadialabs.Who

Name of the Vulnerable Software and Affected Versions: com.cascadialabs.who aka Who - Caller ID, Spam Block version 15.0 Description: The issue concerns the placement of sensitive information in the system log by the application. Recommendations: For version 15.0, consider restricting access to...

XWiki 13.10.4 < 14.10.21, 15.0 < 15.5.5, 15.6-rc-1 < 15.10.6 Missing Authorization Vulnerability (GHSA-33gp-gmg3-hfpq)

Xwiki is prone to a missing authorization vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

XWiki 9.2-rc-1 < 14.10.21, 15.0-rc-1 < 15.5.5, 15.6-rc-1 < 15.10.2 RCE Vulnerability (GHSA-h63h-5c77-77p5)

Xwiki is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

XWiki Platform 安全漏洞

XWiki Platform is XWiki's open source suite of Wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform that stems from improper management of user rights. The following versions are affected: versions 13.10.4 through 14.0-rc-1, 14.2 through...

CVE-2024-38369

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The content of a document included using include reference="targetdocument"/ is executed with the right of the includer and not with the right of its author. This means that any user able to...

XWiki < 14.10.19, 15.0-rc-1 < 15.5.4, 15.6-rc-1 < 15.9 RCE Vulnerability (GHSA-c2gg-4gq4-jv5j)

Xwiki is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

XWiki 5.0-rc-1 < 14.10.19, 15.0-rc-1 < 15.5.4, 15.6-rc-1 < 15.9 Information Disclosure Vulnerability (GHSA-v782-xr4w-3vqx)

Xwiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

XWiki 3.0.1 < 14.10.19, 15.0-rc-1 < 15.5.4, 15.6-rc-1 < 15.9 RCE Vulnerability (GHSA-hf43-47q4-fhq5)

Xwiki is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

CVE-2024-30246 Tuleap deleting or moving an artifact can delete values from unrelated artifacts

Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly gain access to restricted artifacts. It is however not possible to control exactly which...

BIT-GITLAB-2023-1710

A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of internal notes for a given issue...