CVE-2017-12790

Metinfo 5.3.18 is affected by: Cross Site Request Forgery CSRF. The impact is: Information Disclosure remote. The component is: admin/index.php. The attack vector is: The administrator clicks on the malicious link in the login state...

SUSE SLES15 Security Update : kernel (Live Patch 50 for SLE 15 SP3) (SUSE-SU-2025:03514-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03514-1 advisory. This update for the Linux Kernel 5.3.18-15030059182 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc:...

SUSE-SU-2025:03148-1 Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059204 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. - CVE-2025-38000:...

SUSE SLES15 Security Update : kernel (Live Patch 52 for SLE 15 SP3) (SUSE-SU-2025:02955-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02955-1 advisory. This update for the Linux Kernel 5.3.18-15030059188 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: cor...

Security update for the Linux Kernel (Live Patch 55 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059198 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059201 fixes several issues. The following security issues were fixed: CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50127: net: sched: fix use-after-free in tapriochange bsc1232908. CVE-2024-50279: dm...

Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6...

SUSE SLES15 Security Update : kernel (Live Patch 49 for SLE 15 SP2) (SUSE-SU-2024:4231-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4231-1 advisory. This update for the Linux Kernel 5.3.18-15020024194 fixes several issues. The following security issues were fixed: - CVE-2024-36904: tcp: Use...

Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024191 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47600: dm btree remove: fix use afte...

WordPress plugin WDES Responsive Mobile Menu 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

WordPress 5.3.x < 5.3.18 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A Cross-Site Scripting XSS vulnerability affecting the HTML API. - A Cross-Site Scripting XSS vulnerability affecting the Template Part block. - A path traversal issue...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is affected but not classified as vulnerable to a denial of service in Spring Framework (CVE-2022-22950)

Summary IBM Watson Assistant for IBM Cloud Pak for Data is affected but not vulnerable to a denial of service in Spring Framework CVE-2022-22950 Spring Framework is used by IBM Watson Assistant for IBM Cloud Pak for Data as part of its developement infrastructure. The fix includes Spring version...

Exploit for Code Injection in Vmware Spring_Framework

Spring-Core-RCE Spring Framework Remote Command Execution Vuln...

Reflected Cross-Site Scripting Vulnerability in MetInfo's login_check.php Page

MetInfo is a Content Management System CMS developed using PHP and Mysql. A reflective cross-site scripting vulnerability exists in the logincheck.php page in MetInfo version 5.3.18. An attacker can construct XSS statements and perform pop-up box operations to obtain user cookies and other...