(LGPCSuite Setup), (IPSFULLHD, LG ULTRAWIDE, ULTRA HD Driver Setup) Security Vulnerabilities

cvelist

CVE-2023-5956 Wp-Adv-Quiz <= 1.0.2 - Admin+ Stored XSS in Quiz Overview

The Wp-Adv-Quiz WordPress plugin through 1.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

5.7 AI Score

0.0004 EPSS

2024-01-29 02:44 PM
1
zdt

7.4 AI Score

2024-01-29 12:00 AM
80
openvas

Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-1115)

The remote host is missing an update for the Huawei...

6.4 AI Score

0.001 EPSS

2024-01-29 12:00 AM
4
exploitdb

7.4 AI Score

2024-01-29 12:00 AM
73
openvas

Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-1131)

The remote host is missing an update for the Huawei...

6.4 AI Score

0.001 EPSS

2024-01-29 12:00 AM
3
wpvulndb

Chart Builder < 1.9.7 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

5.9 AI Score

2024-01-29 12:00 AM
3
githubexploit

Exploit for Deserialization of Untrusted Data in Wpengine Better Search Replace

Introduction to CVE-2023-6933 Vulnerability ...

10 AI Score

0.015 EPSS

2024-01-28 11:16 PM
287
githubexploit

Exploit for Vulnerability in Metabase

Metabase Pre-Auth RCE (CVE-2023-38646) PoC A proof of...

7.5 AI Score

0.913 EPSS

2024-01-28 03:01 PM
43
kitploit

Raven - CI/CD Security Analyzer

RAVEN (Risk Analysis and Vulnerability Enumeration for CI/CD) is a powerful security tool designed to perform massive scans for GitHub Actions CI workflows and digest the discovered data into a Neo4j database. Developed and maintained by the Cycode research team. With Raven, we were able to...

8 AI Score

2024-01-28 11:30 AM
21
githubexploit

Exploit for Vulnerability in Google Android

**This repository is provided AS IS to accompany [a Meta Red...

7.9 AI Score

0.0004 EPSS

2024-01-26 09:17 PM
53
kitploit

Ligolo-Ng - An Advanced, Yet Simple, Tunneling/Pivoting Tool That Uses A TUN Interface

Ligolo-ng is a simple, lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection using a tun interface (without the need of SOCKS). Features Tun interface (No more SOCKS!) Simple UI with agent selection and network information Easy to use and setup...

7.4 AI Score

2024-01-26 11:30 AM
11
wallarmlab

Protobuf vs JSON

A Beginners Guide to Understanding Protobuf & JSON When you dive into the sphere of data serialization, you're likely to encounter two dominant players - Protobuf, the colloquial term for Protocol Buffers, and JSON, standing for JavaScript Object Notation. Both of these formats carry distinctive...

6.8 AI Score

2024-01-26 10:17 AM
12
githubexploit

Exploit for CVE-2023-47400

CVE-2023-47400 Proof of Concept for the CVE-2023-47400 ...

8.9 AI Score

2024-01-26 09:35 AM
106
nessus

Fortra GoAnywhere MFT 6.x > 6.0.1 / 7.x < 7.4.1 Authentication Bypass

Fortra GoAnywhere MFT is a Managed File Transfer (MFT) solution helping organizations build both internal and external data transfer exchanges. GoAnyWhere MFT versions 6.x from 6.0.1 and 7.x before 7.4.1 suffer from an authentication bypass vulnerability. By crafting a specific URL, a remote and...

7.8 AI Score

2024-01-26 12:00 AM
6
wpvulndb

WP RSS Aggregator < 4.23.5 - Admin+ Stored XSS

Description The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

5.7 AI Score

0.0004 EPSS

2024-01-26 12:00 AM
8
packetstorm

7.4 AI Score

0.0004 EPSS

2024-01-26 12:00 AM
142
nessus

EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2024-1131)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: An out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset...

7.4 AI Score

2024-01-26 12:00 AM
5
nessus

EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2024-1115)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: An out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset...

7.7 AI Score

2024-01-26 12:00 AM
5
oraclelinux

kernel security update

[5.14.0-362.18.0.1_3.OL9] nfp: fix use-after-free in area_cache_get() (Jialiang Wang) {CVE-2022-3545} drivers: net: slip: fix NPD bug in sl_tx_timeout() (Duoming Zhou) {CVE-2022-41858} can: af_can: fix NULL pointer dereference in can_rcv_filter (Oliver Hartkopp) {CVE-2023-2166} RDMA/core: Fix...

7.9 AI Score

0.017 EPSS

2024-01-26 12:00 AM
12
impervablog

Imperva customers are protected against the recent GoAnywhere MFT vulnerability CVE-2024-0204

Recently, Fortra released a security advisory for CVE-2024-0204, a GoAnywhere MFT authentication bypass vulnerability. This bug allows an unauthenticated attacker to create an administrative user by exploiting an InitialAccountSetup.xhtml endpoint–accessible via path traversal–to initiate the...

9.8 CVSS

8 AI Score

0.51 EPSS

2024-01-25 01:44 PM
9
githubexploit

Exploit for Injection in Atlassian Confluence Data Center

CVE-2023-22527: Atlassian Confluence Vulnerability...

7.7 AI Score

0.975 EPSS

2024-01-25 05:32 AM
128
wallarmlab

Security Testing: Types, Tools, and Best Practices

Opening Note: Understanding the Core Concepts of Security Analysis Continual developments in technology have elevated the significance of security analysis, a critical phase in software design. You can think of it as a vital diagram within the process of coding, engineered to identify and resolve.....

8.4 AI Score

2024-01-24 10:38 AM
11
nessus

RHCOS 4 : OpenShift Container Platform 4.12.0 (RHSA-2022:7398)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7398 advisory. Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources....

8.1 AI Score

2024-01-24 12:00 AM
12
wpvulndb

FileBird < 5.6.1 - Admin+ Stored XSS

Description The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

5.6 AI Score

0.0004 EPSS

2024-01-24 12:00 AM
14
nessus

RHCOS 4 : OpenShift Container Platform 4.13.3 (RHSA-2023:3536)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3536 advisory. HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a...

9.1 AI Score

2024-01-24 12:00 AM
4
wpvulndb

WPFront Notification Bar < 3.4 - Admin+ Stored XSS

Description The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

5.8 AI Score

0.001 EPSS

2024-01-24 12:00 AM
2
wpvulndb

WebSub (FKA. PubSubHubbub) < 3.2.0 - Admin+ Stored XSS

Description The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

5.8 AI Score

0.0004 EPSS

2024-01-24 12:00 AM
7
wpvulndb

Content Views < 3.6.3 - Admin+ Stored XSS

Description The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

5.7 AI Score

0.0004 EPSS

2024-01-24 12:00 AM
6
cve

CVE-2023-35836

An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup and reconfiguration. Upon success, the attacker is able to further infiltrate the...

6.5 CVSS

7.2 AI Score

0.001 EPSS

2024-01-23 11:15 PM
14
cve

CVE-2023-35835

An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. The device provides a WiFi access point for initial configuration. The WiFi network provided has no network authentication (such as an encryption key) and persists permanently, including after enrollment and setup is complete. The...

9.8 CVSS

7.8 AI Score

0.001 EPSS

2024-01-23 11:15 PM
10
prion

Design/Logic Flaw

An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup and reconfiguration. Upon success, the attacker is able to further infiltrate the...

6.5 CVSS

7 AI Score

0.001 EPSS

2024-01-23 11:15 PM
5
prion

Authentication flaw

An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. The device provides a WiFi access point for initial configuration. The WiFi network provided has no network authentication (such as an encryption key) and persists permanently, including after enrollment and setup is complete. The...

9.8 CVSS

7.6 AI Score

0.001 EPSS

2024-01-23 11:15 PM
4
cve

CVE-2023-46889

Meross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive Information. During the device setup phase, the MSH30Q creates an unprotected Wi-Fi access point. In this phase, MSH30Q needs to connect to the Internet through a Wi-Fi router. This is why MSH30Q asks for the Wi-Fi network...

5.7 CVSS

7.4 AI Score

0.001 EPSS

2024-01-23 08:15 PM
7
cve

CVE-2023-42144

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi...

5.5 CVSS

7 AI Score

0.0004 EPSS

2024-01-23 08:15 PM
7
prion

Code injection

Meross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive Information. During the device setup phase, the MSH30Q creates an unprotected Wi-Fi access point. In this phase, MSH30Q needs to connect to the Internet through a Wi-Fi router. This is why MSH30Q asks for the Wi-Fi network...

5.7 CVSS

7.2 AI Score

0.001 EPSS

2024-01-23 08:15 PM
3
prion

Design/Logic Flaw

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi...

5.5 CVSS

6.8 AI Score

0.0004 EPSS

2024-01-23 08:15 PM
2
githubexploit

Exploit for Incorrect Authorization in Atlassian Confluence Data Center

CVE-2023-22518 Incorrect Authorization Vulnerability in...

7.2 AI Score

0.966 EPSS

2024-01-23 01:38 PM
19
wpexploit

Advanced Page Visit Counter <= 8.0.6 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

5.7 AI Score

2024-01-23 12:00 AM
16
cvelist

CVE-2023-42144

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi...

6.5 AI Score

0.0004 EPSS

2024-01-23 12:00 AM
wpvulndb

Advanced Page Visit Counter <= 8.0.6 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC 1. Visit the "Settings"...

4.8 AI Score

2024-01-23 12:00 AM
7
cvelist

CVE-2023-35836

An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup and reconfiguration. Upon success, the attacker is able to further infiltrate the...

6.8 AI Score

0.001 EPSS

2024-01-23 12:00 AM
1
wpvulndb

Better Follow Button for Jetpack <= 8.0 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). PoC 1. Navigate to:...

7.8 AI Score

2024-01-23 12:00 AM
5
wpvulndb

WolfNet IDX for WordPress <= 1.19.1 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC 1. In the settings of the...

7.8 AI Score

2024-01-23 12:00 AM
8
wpexploit

WolfNet IDX for WordPress <= 1.19.1 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

7.9 AI Score

2024-01-23 12:00 AM
32
cvelist

CVE-2023-35835

An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. The device provides a WiFi access point for initial configuration. The WiFi network provided has no network authentication (such as an encryption key) and persists permanently, including after enrollment and setup is complete. The...

7.4 AI Score

0.001 EPSS

2024-01-23 12:00 AM
1
cvelist

CVE-2023-46889

Meross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive Information. During the device setup phase, the MSH30Q creates an unprotected Wi-Fi access point. In this phase, MSH30Q needs to connect to the Internet through a Wi-Fi router. This is why MSH30Q asks for the Wi-Fi network...

7 AI Score

0.001 EPSS

2024-01-23 12:00 AM
2
wpexploit

Better Follow Button for Jetpack <= 8.0 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

7.9 AI Score

2024-01-23 12:00 AM
17
cve

CVE-2023-6456

The WP Review Slider WordPress plugin before 13.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

4.8 CVSS

5.9 AI Score

0.0004 EPSS

2024-01-22 08:15 PM
22
cve

CVE-2023-6626

The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

4.8 CVSS

5.9 AI Score

0.0004 EPSS

2024-01-22 08:15 PM
18
prion

Cross site scripting

The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

4.8 CVSS

5.9 AI Score

0.0004 EPSS

2024-01-22 08:15 PM
3

Total number of security vulnerabilities: 19231