22 matches found

RedHat Linux
added 2026/02/23 5:14 p.m., 4 views

Important: Red Hat Security Advisory: Kiali 2.4.13 for Red Hat OpenShift Service Mesh 3.0

Kiali 2.4.13 for Red Hat OpenShift Service Mesh 3.0. This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Kiali 2.4.13, for Re...

CVSS 7.5, AI score 7.6, EPSS 0.00044
Exploits: 1, References: 4

RedhatCVE
added 2026/02/12 1:42 p.m., 3 views

CVE-2026-0910

The wpForo Forum plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.13 via deserialization of untrusted input in the 'wpforo_display_array_data' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

CVSS 8.8, AI score 6.1, EPSS 0.00104
Exploits: 0, References: 1

Cvelist
added 2026/02/11 1:25 p.m., 25 views

CVE-2026-0910 wpForo Forum <= 2.4.13 - Authenticated (Subscriber+) PHP Object Injection

The wpForo Forum plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.13 via deserialization of untrusted input in the 'wpforo_display_array_data' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

CVSS 8.8, EPSS 0.00104
Exploits: 0, References: 3

CVE
added 2026/02/11 1:25 p.m., 7 views

CVE-2026-0910

wpForo Forum plugin for WordPress (versions up to 2.4.13) is vulnerable to PHP Object Injection via deserialization in wpforo_display_array_data. Exploitation requires an authenticated user with Subscriber-level access or higher. A POP chain must be present in another plugin or theme for practica...

CVSS 8.8, AI score 6.2, EPSS 0.00104
Exploits: 0, References: 3

Tenable Nessus
added 2026/01/15 12:0 a.m., 2 views

EulerOS 2.0 SP12 : cups (EulerOS-SA-2026-1085)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe...

CVSS 6.5, AI score 7.5, EPSS 0.00166
Exploits: 1, References: 2

RedhatCVE
added 2026/01/09 9:4 a.m., 3 views

CVE-2024-39630

Deserialization of Untrusted Data vulnerability in MotoPress Timetable and Event Schedule allows Object Injection. This issue affects Timetable and Event Schedule: from n/a through 2.4.13...

CVSS 5.5, AI score 7, EPSS 0.00163
Exploits: 0, References: 1

Tenable Nessus
added 2025/12/05 12:0 a.m., 4 views

Alibaba Cloud Linux 3 : 0190: cups (ALINUX3-SA-2025:0190)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0190 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-58364: OpenPrinting CUPS is an open source...

CVSS 6.5, AI score 7.5, EPSS 0.87593
Exploits: 15, References: 2

Tenable Nessus
added 2025/10/22 12:0 a.m., 4 views

TencentOS Server 2: cups (TSSA-2025:0808)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0808 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

CVSS 8, AI score 7.8, EPSS 0.00053
Exploits: 1, References: 2

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2021-1790

Malware in sbrugna...

CVSS 8.1, AI score 8, EPSS 0.00379
Exploits: 0, References: 8

OSV
added 2025/09/11 6:15 p.m., 3 views

ALPINE-CVE-2025-58364

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local...

CVSS 6.5, AI score 6.7, EPSS 0.00166
Exploits: 1, References: 1

NVD
added 2025/09/11 6:15 p.m., 4 views

CVE-2025-58060

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthType is set to anything but Basic, if the request contains an Authorization: Basic ... header, the password is not checked. This results in...

CVSS 8, EPSS 0.00053
Exploits: 1, References: 4

Patchstack
added 2024/07/22 7:12 p.m., 2 views

WordPress Timetable and Event Schedule by MotoPress plugin <= 2.4.13 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by VNPT Nguyễn Phương Bắc Patchstack Alliance in WordPress Plugin Timetable and Event Schedule versions <= 2.4.13...

CVSS 5.5, AI score 7.3, EPSS 0.00163
Exploits: 0, Affected Software: 1

OSV
added 2022/04/04 8:15 p.m., 0 views

CVE-2021-36826

Authenticated (subscriber or higher user role if allowed to access projects) Stored Cross-Site Scripting (XSS) vulnerability in weDevs WP Project Manager plugin <= 2.4.13 versions...

CVSS 5.4, AI score 5.8, EPSS 0.0022
Exploits: 0, References: 1

Cvelist
added 2022/04/04 7:46 p.m., 9 views

CVE-2021-36826 WordPress WP Project Manager plugin <= 2.4.13 - Stored Cross-Site Scripting (XSS) vulnerability

Authenticated (subscriber or higher user role if allowed to access projects) Stored Cross-Site Scripting (XSS) vulnerability in weDevs WP Project Manager plugin <= 2.4.13 versions...

CVSS 5.4, AI score 5.4, EPSS 0.0022
Exploits: 0, References: 1

CNVD
added 2021/08/05 12:0 a.m., 15 views

Containous Traefik Elevation of Privilege Vulnerability

Containous Traefik is a reverse proxy and load balancer from the US company Containous. Versions prior to Traefik 2.4.13 have a security vulnerability that can be exploited by attackers to elevate privileges...

CVSS 8.1, AI score 5.3, EPSS 0.00379
Exploits: 0, References: 1

NVD
added 2021/08/03 11:15 p.m., 11 views

CVE-2021-32813

Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.4.13, there exists a potential header vulnerability in Traefik's handling of the Connection header. Active exploitation of this issue is unlikely, as it requires that a removed header would lead to a privilege escalation,...

CVSS 8.1, EPSS 0.00379
Exploits: 0, References: 3

Prion
added 2021/08/03 11:15 p.m., 22 views

Design/Logic Flaw

Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.4.13, there exists a potential header vulnerability in Traefik's handling of the Connection header. Active exploitation of this issue is unlikely, as it requires that a removed header would lead to a privilege escalation,...

CVSS 6.8, AI score 7.9, EPSS 0.00379
Exploits: 0, References: 3, Affected Software: 1

Tenable Nessus
added 2019/04/03 12:0 a.m., 32 views

openSUSE Security Update : wireshark (openSUSE-2019-1108)

This update for wireshark to version 2.4.13 fixes the following issues : Security issues fixed : - CVE-2019-9214: Avoided a dereference of a null conversation which could make RPCAP dissector crash bsc1127367. - CVE-2019-9209: Fixed a buffer overflow in time values which could make ASN.1 BER and...

CVSS 7.5, AI score 6.9, EPSS 0.0614
Exploits: 2, References: 7

UbuntuCve
added 2019/02/27 12:0 a.m., 24 views

CVE-2019-9214

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation...

CVSS 7.5, AI score 6.8, EPSS 0.04779
Exploits: 0, References: 5

OpenVAS
added 2015/05/18 12:0 a.m., 54 views

Apache HTTP Server 'mod_lua' Denial of Service Vulnerability -01 (May 2015)

Apache HTTP Server is prone to a denial of service vulnerability.

CVSS 5, AI score 6.1, EPSS 0.15242
Exploits: 0, References: 3