100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series; Security Vulnerabilities

CVE-2024-25975

The application implements an up- and downvote function which alters a value within a JSON file. The POST parameters are not filtered properly and therefore an arbitrary file can be overwritten. The file can be controlled by an authenticated attacker, the content cannot be controlled. It is...

How to turn off location tracking on Android

Android devices come with location services. Some apps need access to location services to function properly. However, there may be reasons why you don’t want your device to be located, often because you don’t want to be found and the device is always with you. Depending on who you are trying to...

CVE-2024-36364

In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was...

CVE-2024-5039

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.3.5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes.....

CVE-2023-42005

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to make system calls compromising the security of containers. IBM X-Force ID:...

CVE-2024-25975 Arbitrary File Overwrite

The application implements an up- and downvote function which alters a value within a JSON file. The POST parameters are not filtered properly and therefore an arbitrary file can be overwritten. The file can be controlled by an authenticated attacker, the content cannot be controlled. It is...

Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap?

Notorious data leak site BreachForums appears to be back online after it was seized by law enforcement a few weeks ago. At least one of BreachForums domains and its dark web site are live again. However, questions have been raised over whether it is a genuine attempt to revive the forums once...

CVE-2023-42005 IBM Db2 on Cloud Pak for Data privilege escalation

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to make system calls compromising the security of containers. IBM X-Force ID:...

CVE-2024-5039 HUSKY – Products Filter Professional for WooCommerce <= 1.3.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.3.5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes.....

Blocksquare Hits $100M Tokenized RWA Triggering Launchpad Release

By Uzair Amir Blocksquare, a leading real estate tokenization platform, announces a major milestone: $100 million worth of real estate tokenized… This is a post from HackRead.com Read the original post: Blocksquare Hits $100M Tokenized RWA Triggering Launchpad...

Blocksquare Hits $100M Tokenized RWA Triggering Launchpad Release

By Uzair Amir Blocksquare, a leading real estate tokenization platform, announces a major milestone: $100 million worth of real estate tokenized… This is a post from HackRead.com Read the original post: Blocksquare Hits $100M Tokenized RWA Triggering Launchpad...

CVE-2024-27313

Zoho ManageEngine PAM360 is vulnerable to Stored XSS vulnerability. This vulnerability is applicable only in the version...

Privacy Implications of Tracking Wireless Access Points

Brian Krebs reports on research into geolocating routers: Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geolocate devices. Researchers from the University of...

CVE-2024-36107

A sensitive information disclosure vulnerability was found in MinIO. Headers can be used to determine if an object exists or not on the server on a specific bucket and gain access to sensitive...

CVE-2024-3412

The WP STAGING WordPress Backup Plugin – Migration Backup Restore plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wpstg_processing AJAX action in all versions up to, and including, 3.4.3. This makes it possible for authenticated attackers,...

CVE-2024-3412 WP STAGING WordPress Backup Plugin – Migration Backup Restore <= 3.4.3 - Authenticated (Admin+) Arbitrary File Upload

The WP STAGING WordPress Backup Plugin – Migration Backup Restore plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wpstg_processing AJAX action in all versions up to, and including, 3.4.3. This makes it possible for authenticated attackers,...

CVE-2024-5086

The Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Team Member Carousel widget in all Pro versions up to, and including, 5.8.14 due to insufficient input...

Improper Access Control

silverstripe/framework is vulnerable to Improper Access Control. The vulnerability is due to missing canView checks when the report is actually viewed, allowing any report to be accessed if the URL is known and the user can access the Reports section of the...

CVE-2024-5086 Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.8.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Carousel Widget

The Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Team Member Carousel widget in all Pro versions up to, and including, 5.8.14 due to insufficient input...

BIT-argo-cd-2024-31989

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS...

intel-microcode vulnerabilities

It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to certain hardware features when using Intel® SGX or Intel® TDX. This may allow a privileged local user to potentially further escalate their privileges on the system. This issue only...

Path Traversal

org.openapitools, openapi-generator-online is vulnerable to a Path Traversal. The vulnerability is due to unrestricted access to the outputFolder option, which allows attackers to manipulate file paths and potentially read or delete files and folders outside of the intended...

Binding To An Unrestricted IP Address

dbt-core is vulnerable to Binding to an Unrestricted IP Address. The vulnerability is due to the binding of INADDR_ANY or IN6ADDR_ANY to any network interface on the local system (not just localhost), which exposes the application on all network interfaces. An attacker can gain unauthorized access....

Incorrect Default Permissions

kaminari is vulnerable to Incorrect Default Permissions. The vulnerability is due to improperly set file permissions that allow unauthorized write access to specific Ruby files managed by the...

Improper Access Control

Mattermost is vulnerable to Improper Access Control. The vulnerability is due to a failure to restrict the audience of the "custom_playbooks_playbook_run_updated" webhook event, allowing a guest on a channel with a linked playbook run to see all details of the playbook run when it is marked as...

Improper Authentication

Silverstripe/framework is vulnerable to Improper Authentication. The vulnerability is caused by improper user permission checks to verify if a user can login via the Member::canLogIn() method, allowing an attacker to gain access to unapproved or revoked users by resetting the...

Denial Of Service (DoS)

github.com/stacklok/minder is vulnerable to a Denial Of Service (DoS). The vulnerability is due to the sigstore verifier reading an untrusted response entirely into memory without enforcing a limit on the response body. The vulnerability allows an attacker to crash the Minder server and deny other....

CVE-2023-6743 Unlimited Elements for Elementor <= 1.5.89 - Authenticated(Contributor+) Remote Code Execution via template import

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.5.89 via the template import functionality. This makes it possible for authenticated attackers, with contributor access and...

[SECURITY] Fedora 40 Update: qt6-qtserialbus-6.7.1-1.fc40

Qt Serial Bus (API) provides classes and functions to access the various industrial serial buses and protocols, such as CAN, ModBus, and...

[SECURITY] Fedora 40 Update: qt6-qtspeech-6.7.1-1.fc40

The module enables a Qt application to support accessibility features such as text-to-speech, which is useful for end-users who are visually challenged or cannot access the application for whatever reason. The most common use case where text-to-speech comes in handy is when the end-user is driving....

[SECURITY] Fedora 40 Update: qt6-qtsensors-6.7.1-1.fc40

The Qt Sensors API provides access to sensor hardware via QML and C++ interfaces. The Qt Sensors API also provides a motion gesture recognition API for...

[SECURITY] Fedora 40 Update: qt6-qtopcua-6.7.1-1.fc40

Qt OPC UA (API) provides classes and functions to access the OPC UA...

[SECURITY] Fedora 40 Update: qt6-qtcoap-6.7.1-1.fc40

Qt CoAP (API) provides classes and functions to access the CoAP...

CVE-2024-5150 Login with phone number <= 1.7.26 - Authentication Bypass due to Missing Empty Value Check

The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activation_code' default value is empty, and the not empty check is missing in the 'lwp_ajax_register' function. This makes it possible for...

Flowmon Unauthenticated Command Injection Exploit

This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before...

AdFoxly – Ad Manager, AdSense Ads & Ads.txt <= 1.8.5 - Missing Authorization

Description The AdFoxly – Ad Manager, AdSense Ads & Ads.txt plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.8.5. This makes it possible for unauthenticated attackers to perform an unauthorized...

RHEL 8 : kernel (RHSA-2024:3462)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3462 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * RHEL: Add Spectre-BHB mitigation...

MariaDB 11.5.0 < 11.5.1

The version of MariaDB installed on the remote host is prior to 11.5.1. It is, therefore, affected by a vulnerability as referenced in the mariadb-1151-release-notes advisory. Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are...

Oracle Linux 8 : tigervnc (ELSA-2024-3261)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3261 advisory. [1.13.1-10] - Drop patches that are already part of xorg-x11-server Resolves: RHEL-30755 Resolves: RHEL-30767 Resolves: RHEL-30761 ...

Fastly < 1.2.26 - Missing Authorization

Description The Fastly plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in versions up to, and including, 1.2.25. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform...

Tainacan < 0.21.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Tainacan plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 0.21.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...

Praison SEO WordPress <= 4.0.15 - Authenticated (Author+) Stored Cross-Site Scripting

Description The Praison SEO WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to...

EulerOS Virtualization 2.11.0 : kernel (EulerOS-SA-2024-1735)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Intel Microcode vulnerabilities (USN-6797-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6797-1 advisory. It was discovered that some 3rd and 4th Generation Intel Xeon Processors did not properly...

Image Sizes - Moderately critical - Access bypass - SA-CONTRIB-2024-023

This module enables you to create responsive image styles that depend on the parent element's width. The module doesn't sufficiently check access to rendered images, resulting in access bypass vulnerabilities in specific...

EulerOS Virtualization 2.11.1 : libuv (EulerOS-SA-2024-1717)

According to the versions of the libuv package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in...

EulerOS Virtualization 2.11.0 : libuv (EulerOS-SA-2024-1728)

According to the versions of the libuv package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in...

RHEL 9 : kernel-rt (RHSA-2024:3460)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3460 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

EulerOS Virtualization 2.11.1 : edk2 (EulerOS-SA-2024-1722)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via...

ROS-20240529-01

Vulnerability in the Lightweight HTTP Server component of the Oracle Java SE software platform and virtual machine Oracle GraalVM Enterprise Edition is related to unrestricted resource allocation. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of...