9 matches found
VulnCheck KEV: CVE-2024-13448
The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'trxaddonsuploadssavedata' function in all versions up to, and including, 2.32.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the...
Security Bulletin: IBM Truststore Manager uses urllib3-2.4.0-py3-none-any.whl and requests-2.32.3-py3-none-any.whl which is vulnerable to CVE-2025-50181 and CVE-2025-50182
Summary IBM Truststore Manager uses urllib3-2.4.0-py3-none-any.whl and requests-2.32.3-py3-none-any.whl which is vulnerable to CVE-2025-50181 and CVE-2025-50182. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-47081 DESCRIPTION:...
Security update for python-requests
This update for python-requests fixes the following issues: Add patch to inject the default CA bundles if they are not specified. bsc1226321, bsc1231500 Remove Requires on python-py. update to 2.32.3: Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. Fixe...
WordPress ThemeREX Addons plugin <= 2.32.3 - Unauthenticated Arbitrary File Upload in trx_addons_uploads_save_data vulnerability
Unauthenticated Arbitrary File Upload in trxaddonsuploadssavedata vulnerability discovered by Tonn in WordPress Plugin ThemeREX Addons versions = 2.32.3...
CVE-2024-13448
The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'trxaddonsuploadssavedata' function in all versions up to, and including, 2.32.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the...
PT-2025-2176
Name of the Vulnerable Software and Affected Versions ThemeREX Addons plugin for WordPress versions up to, and including, 2.32.3 Description The issue is related to arbitrary file uploads due to missing file type validation in the trx addons uploads save data function. This allows unauthenticated...
Security update for webkit2gtk3 (important)
openSUSE Security Update: Security update for webkit2gtk3 Announcement ID: openSUSE-SU-2021:2598-1 Rating: important References: 1188697 Cross-References: CVE-2021-21775 CVE-2021-21779 CVE-2021-30663 CVE-2021-30665 CVE-2021-30689 CVE-2021-30720 CVE-2021-30734 CVE-2021-30744 CVE-2021-30749...
[ASA-202107-68] wpewebkit: multiple issues
Arch Linux Security Advisory ASA-202107-68 ========================================== Severity: High Date : 2021-07-27 CVE-ID : CVE-2021-21775 CVE-2021-21779 CVE-2021-30663 CVE-2021-30665 CVE-2021-30689 CVE-2021-30720 CVE-2021-30734 CVE-2021-30744 CVE-2021-30749 CVE-2021-30795 CVE-2021-30797...
Updated gdk-pixbuf2.0 packages fix security vulnerability
A write out-of-bounds parsing an ico file was found in gdk-pixbuf. A maliciously crafted file can cause the application to crash CVE-2016-6352. The gdk-pixbuf2.0 package has been updated to version 2.32.3 and patched to fix this issue, and a few other possible security issues...