BIG-IP (AFM, ASM) Security Vulnerabilities

CVE-2024-35849

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in btrfs_ioctl_logical_to_ino() Syzbot reported the following information leak for in btrfs_ioctl_logical_to_ino(): BUG: KMSAN: kernel-infoleak in instrument_copy_to_user...

CVE-2024-35849

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in btrfs_ioctl_logical_to_ino() Syzbot reported the following information leak for in btrfs_ioctl_logical_to_ino(): BUG: KMSAN: kernel-infoleak in instrument_copy_to_user...

CVE-2024-35849

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in btrfs_ioctl_logical_to_ino() Syzbot reported the following information leak for in btrfs_ioctl_logical_to_ino(): BUG: KMSAN: kernel-infoleak in instrument_copy_to_user...

CVE-2024-35849 btrfs: fix information leak in btrfs_ioctl_logical_to_ino()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in btrfs_ioctl_logical_to_ino() Syzbot reported the following information leak for in btrfs_ioctl_logical_to_ino(): BUG: KMSAN: kernel-infoleak in instrument_copy_to_user...

CVE-2024-35849 btrfs: fix information leak in btrfs_ioctl_logical_to_ino()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in btrfs_ioctl_logical_to_ino() Syzbot reported the following information leak for in btrfs_ioctl_logical_to_ino(): BUG: KMSAN: kernel-infoleak in instrument_copy_to_user...

CVE-2024-35802

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Fix position dependent variable references in startup code The early startup code executes from a 1:1 mapping of memory, which differs from the mapping that the code was linked and/or relocated to run at. The latter...

CVE-2024-27415

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast) frames on bridges......

CVE-2024-27415

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast) frames on...

CVE-2024-27415

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast) frames on bridges......

Exploit for OS Command Injection in Fortinet Fortisiem

CVE-2023-34992: Fortinet FortiSIEM Unauthenticated Command...

CVE-2024-27415 netfilter: bridge: confirm multicast packets before passing them up the stack

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast) frames on bridges......

FBI Seizes BreachForums Website

The FBI has seized the BreachForums website, used by ransomware criminals to leak stolen corporate data. If law enforcement has gained access to the hacking forum's backend data, as they claim, they would have email addresses, IP addresses, and private messages that could expose members and be...

CVE-2024-32827

Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass.This issue affects Giveaways and Contests: from n/a through...

CVE-2024-32827

Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass.This issue affects Giveaways and Contests: from n/a through...

CVE-2024-32786

Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through...

CVE-2024-32786

Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through...

CVE-2024-32708

Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through...

CVE-2024-32708

Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through...

CVE-2024-32827 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.7 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass.This issue affects Giveaways and Contests: from n/a through...

CVE-2024-32827 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.7 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass.This issue affects Giveaways and Contests: from n/a through...

CVE-2024-32786 WordPress Royal Elementor Addons and Templates plugin <= 1.3.93 - IP Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through...

CVE-2024-32786 WordPress Royal Elementor Addons and Templates plugin <= 1.3.93 - IP Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through...

CVE-2024-32708 WordPress Maintenance Mode plugin <= 3.0.1 - IP Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through...

CVE-2024-32708 WordPress Maintenance Mode plugin <= 3.0.1 - IP Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through...

CVE-2024-33917

Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass.This issue affects WTI Like Post: from n/a through...

CVE-2024-33917

Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass.This issue affects WTI Like Post: from n/a through...

CVE-2024-30522

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through...

CVE-2024-30522

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through...

CVE-2024-30480

Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows Functionality Bypass.This issue affects CGC Maintenance Mode: from n/a through...

CVE-2024-30479

Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows Functionality Bypass.This issue affects IP Blocker Lite: from n/a through...

CVE-2024-30480

Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows Functionality Bypass.This issue affects CGC Maintenance Mode: from n/a through...

CVE-2024-30479

Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows Functionality Bypass.This issue affects IP Blocker Lite: from n/a through...

CVE-2024-25906

Authentication Bypass by Spoofing vulnerability in WP Happy Coders Comments Like Dislike allows Functionality Bypass.This issue affects Comments Like Dislike: from n/a through...

CVE-2024-25906

Authentication Bypass by Spoofing vulnerability in WP Happy Coders Comments Like Dislike allows Functionality Bypass.This issue affects Comments Like Dislike: from n/a through...

CVE-2024-25595

Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through...

CVE-2024-25595

Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through...

CVE-2024-21746

Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through...

CVE-2024-21746

Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through...

CVE-2024-21746 WordPress Wp Ultimate Review plugin <= 2.3.2 - IP limit Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through...

CVE-2024-21746 WordPress Wp Ultimate Review plugin <= 2.3.2 - IP limit Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through...

CVE-2024-25595 WordPress Defender Security plugin <= 4.4.1 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through...

CVE-2024-25906 WordPress Comments Like Dislike plugin <= 1.2.2 - IP Restriction Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in WP Happy Coders Comments Like Dislike allows Functionality Bypass.This issue affects Comments Like Dislike: from n/a through...

CVE-2024-30479 WordPress LionScripts: IP Blocker Lite plugin <= 11.1.1 - Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows Functionality Bypass.This issue affects IP Blocker Lite: from n/a through...

CVE-2024-30479 WordPress LionScripts: IP Blocker Lite plugin <= 11.1.1 - Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows Functionality Bypass.This issue affects IP Blocker Lite: from n/a through...

CVE-2024-30480 WordPress CGC Maintenance Mode plugin <= 1.2 - IP Filtering Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows Functionality Bypass.This issue affects CGC Maintenance Mode: from n/a through...

CVE-2024-30480 WordPress CGC Maintenance Mode plugin <= 1.2 - IP Filtering Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows Functionality Bypass.This issue affects CGC Maintenance Mode: from n/a through...

CVE-2024-30522 WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through...

CVE-2024-30522 WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through...

CVE-2024-33917 WordPress WTI Like Post plugin <= 1.4.6 - IP Restriction Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass.This issue affects WTI Like Post: from n/a through...

CVE-2024-33917 WordPress WTI Like Post plugin <= 1.4.6 - IP Restriction Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass.This issue affects WTI Like Post: from n/a through...