Profile Box Shortcode And Widget < 1.2.1 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
5.7AI Score
0.0004EPSS
10CVSS
9.8AI Score
0.972EPSS
10CVSS
7.4AI Score
0.973EPSS
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. ffs_data_clear is indirectly called from both ffs_fs_kill_sb and ffs_ep0_release, so it ends up being called twice when userland closes ep0 and then unmounts f_fs. If...
5.5CVSS
6.6AI Score
0.0004EPSS
MikroTik RouterOS Improper Validation of Array Index (CVE-2020-11881)
An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964. This plugin only works with Tenable.ot. Please visit...
7.7AI Score
Chat Bubble <= 2.3 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
4.4CVSS
5.6AI Score
0.0004EPSS
Profile Box Shortcode And Widget < 1.2.1 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC When creating a new widget,...
5.3AI Score
0.0004EPSS
The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance which is a special IP and URL...
9.9CVSS
7AI Score
0.0004EPSS
The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance which is a special IP and URL...
9.9CVSS
7AI Score
0.0004EPSS
Cross site request forgery (csrf)
The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance which is a special IP and URL...
9.9CVSS
7.3AI Score
0.0004EPSS
Kirby vulnerable to unrestricted file upload of user avatar images
TL;DR This vulnerability affects all Kirby sites that might have potential attackers in the group of authenticated Panel users. The attack requires user interaction by another user or visitor and cannot be automated. Introduction Unrestricted upload of files with a dangerous type is a type of...
6.5AI Score
0.0004EPSS
Kirby vulnerable to unrestricted file upload of user avatar images
TL;DR This vulnerability affects all Kirby sites that might have potential attackers in the group of authenticated Panel users. The attack requires user interaction by another user or visitor and cannot be automated. Introduction Unrestricted upload of files with a dangerous type is a type of...
6.3AI Score
0.0004EPSS
SSRF on AWS deployed instances of AnythingLLM via /metadata
The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance which is a special IP and URL...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are 0 in "iommu-addresses" property. If IOVA region is reserved with 0 length, then it ends up...
7.8CVSS
6.3AI Score
0.0004EPSS
10CVSS
7AI Score
0.935EPSS
Joomla! patches XSS flaws that could lead to remote code execution
On February 20, Joomla! posted details about four vulnerabilities it had fixed in its Content Management System (CMS), and one in the Joomla! Framework that affects the CMS. Joomla! is an open-source CMS that’s been around since 2005, and has been one of the most popular CMS platforms by market...
7.2AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are 0 in "iommu-addresses" property. If IOVA region is reserved with 0 length, then it ends up...
7.8CVSS
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are 0 in "iommu-addresses" property. If IOVA region is reserved with 0 length, then it ends up...
7.8CVSS
7.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are 0 in "iommu-addresses" property. If IOVA region is reserved with 0 length, then it ends up...
7.2AI Score
0.0004EPSS
iommu: Don't reserve 0-length IOVA region
In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are 0 in "iommu-addresses" property. If IOVA region is reserved with 0 length, then it ends up...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate mech token in session setup If client send invalid mech token in session setup request, ksmbd validate and make the error if it is...
7.1CVSS
7.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate mech token in session setup If client send invalid mech token in session setup request, ksmbd validate and make the error if it is...
7.1CVSS
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate mech token in session setup If client send invalid mech token in session setup request, ksmbd validate and make the error if it is...
7.4AI Score
0.0004EPSS
ksmbd: validate mech token in session setup
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate mech token in session setup If client send invalid mech token in session setup request, ksmbd validate and make the error if it is...
6.8AI Score
0.0004EPSS
Advice for manufacturers on the coming PSTI regulation
TL;DR PSTI: The UK Product Security and Telecommunications Infrastructure (Product Security) Act Regulations effective from 29 April 2024 Assess how, where, why, and when you may be affected Review supply chain and in-house teams for compliance readiness Specific obligations for manufacturers,...
7.2AI Score
In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are 0 in "iommu-addresses" property. If IOVA region is reserved with 0 length, then it ends up...
7.8CVSS
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate mech token in session setup If client send invalid mech token in session setup request, ksmbd validate and make the error if it is...
7.1CVSS
6.6AI Score
0.0004EPSS
Fiber has Insecure CORS Configuration, Allowing Wildcard Origin with Credentials
The CORS middleware allows for insecure configurations that could potentially expose the application to multiple CORS-related vulnerabilities. Specifically, it allows setting the Access-Control-Allow-Origin header to a wildcard ("*") while also having the Access-Control-Allow-Credentials set to...
9.4CVSS
9.3AI Score
0.0004EPSS
Fiber has Insecure CORS Configuration, Allowing Wildcard Origin with Credentials
The CORS middleware allows for insecure configurations that could potentially expose the application to multiple CORS-related vulnerabilities. Specifically, it allows setting the Access-Control-Allow-Origin header to a wildcard ("*") while also having the Access-Control-Allow-Credentials set to...
9.4CVSS
9.3AI Score
0.0004EPSS
ConnectWise ScreenConnect Unauthenticated Remote Code Execution
This module exploits an authentication bypass vulnerability that allows an unauthenticated attacker to create a new administrator user account on a vulnerable ConnectWise ScreenConnect server. The attacker can leverage this to achieve RCE by uploading a malicious extension module. All versions of.....
8.4CVSS
7.6AI Score
0.0005EPSS
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 78 vulnerabilities disclosed in 63...
10CVSS
9.2AI Score
0.0004EPSS
Exploit for Vulnerability in Metabase
Exploit CVE-2023-38646 Metabase before 0.46.6.1 (open source)...
9.8CVSS
8.6AI Score
0.913EPSS
Fedora: Security Advisory for rear (FEDORA-2024-49ddbf447d)
The remote host is missing an update for...
5.5CVSS
5.7AI Score
0.0004EPSS
7.5CVSS
6.6AI Score
0.052EPSS
(RHSA-2024:0934) Important: Red Hat Virtualization security and bug fix update
Security fixes: * ovirt: authentication bypass (CVE-2024-0822) Bug fixes: * During the storage domain import, the engine will fail to find OVF_STORE if there is also a ConnectStoragePoolVDSCommand request...
7.5CVSS
7.2AI Score
0.001EPSS
TL;DR The VMware Enhanced Authentication plugin that is offered as part of VMware vSphere’s seamless login experience for the web console contains multiple vulnerabilities relating to Kerberos authentication relay. The first vulnerability, CVE-2024-22245, is a Kerberos relay vulnerability where a.....
9.6CVSS
7.2AI Score
0.0004EPSS
[SECURITY] Fedora 38 Update: rear-2.7-8.fc38
Relax-and-Recover is the leading Open Source disaster recovery and system migration solution. It comprises of a modular frame-work and ready-to-go workflows for many common situations to produce a bootable image and restore from backup using this image. As a benefit, it allows to restore to...
5.5CVSS
5.4AI Score
0.0004EPSS
[SECURITY] Fedora 39 Update: rear-2.7-8.fc39
Relax-and-Recover is the leading Open Source disaster recovery and system migration solution. It comprises of a modular frame-work and ready-to-go workflows for many common situations to produce a bootable image and restore from backup using this image. As a benefit, it allows to restore to...
5.5CVSS
5.4AI Score
0.0004EPSS
Widget for Social Page Feeds < 6.4 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
7.3AI Score
0.0004EPSS
YARPP < 5.30.10 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
4.4CVSS
5.4AI Score
0.0004EPSS
Widget for Social Page Feeds < 6.4 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC 1. Create a new Facebook like...
7.2AI Score
0.0004EPSS
RHEL 8 : Red Hat Virtualization (RHSA-2024:0934)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0934 advisory. ovirt: authentication bypass (CVE-2024-0822) Note that Nessus has not tested for this issue but has instead relied only on the application's...
7.8AI Score
Fedora: Security Advisory for rear (FEDORA-2024-a2f6e5ddb8)
The remote host is missing an update for...
5.5CVSS
5.7AI Score
0.0004EPSS
Critical Flaws Found in ConnectWise ScreenConnect Software - Patch Now
ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on affected systems. The vulnerabilities are listed below - CVE-2024-1708 (CVSS score: 8.4) - Improper...
10CVSS
10AI Score
0.935EPSS
GLSA-202402-28 : Samba: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-28 (Samba: Multiple Vulnerabilities) An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names...
5.4AI Score
Advanced Social Feeds Widget & Shortcode <= 1.7 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC When creating a new widget,...
7.2AI Score
0.0004EPSS
Advanced Social Feeds Widget & Shortcode <= 1.7 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
7.3AI Score
0.0004EPSS
WP Setup Wizard < 1.0.8.2 - Authenticated (Subscriber+) Full Database Download
Description The WP Setup Wizard plugin for WordPress is vulnerable to unauthorized access of datadue to a missing capability check in all versions up to, and including, 1.0.8.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to download the entire...
8.8CVSS
6.3AI Score
0.0004EPSS
The Biosig Project libbiosig .egi parsing heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-1920 The Biosig Project libbiosig .egi parsing heap-based buffer overflow vulnerability February 20, 2024 CVE Number CVE-2024-21795 SUMMARY A heap-based buffer overflow vulnerability exists in the .egi parsing functionality of The Biosig Project libbiosig...
9.8CVSS
7.9AI Score
0.001EPSS
Password Protected < 2.6.7 - Admin+ Stored XSS
Description The plugin does not sanitise and escape its Google Captcha Site Key settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
4.4CVSS
5.9AI Score
0.0004EPSS