The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ajax_load_more shortcode in versions up to, and including, 7.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,.....
5.9AI Score
6.9AI Score
0.019EPSS
The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Social Profiles widget in all versions up to, and including, 3.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
5.9AI Score
6.5AI Score
0.019EPSS
7AI Score
0.004EPSS
7.4AI Score
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : Java (SUSE-SU-2024:1874-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1874-1 advisory. This update for Java fixes thefollowing issues: apiguardian was updated to vesion 1.1.2: - Added...
8.1AI Score
7.1AI Score
0.013EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gstreamer-plugins-base (SUSE-SU-2024:1882-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1882-1 advisory. - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata ...
7AI Score
SUSE SLES15 Security Update : gstreamer-plugins-base (SUSE-SU-2024:1886-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1886-1 advisory. - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata (bsc#1224806) Tenable has extracted...
7AI Score
7.4AI Score
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length...
6.8AI Score
The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised action on behalf of.....
6.9AI Score
The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised action on behalf of.....
7.2AI Score
CVE-2024-34009 moodle: ReCAPTCHA can be bypassed on the login page
Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is...
6.9AI Score
CVE-2024-34008 moodle: CSRF risk in analytics management of models
Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF...
6.9AI Score
CVE-2024-34007 moodle: logout CSRF in admin/tool/mfa/auth.php
The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via...
6.9AI Score
CVE-2024-34006 moodle: unsanitized HTML in site log for config_log_created
The site log report required additional encoding of event descriptions to ensure any HTML in the content is displayed in plaintext instead of being...
6.7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore database activity modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore wiki modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore workshop modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore feedback modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
CVE-2024-34001 moodle: CSRF risk in admin preset tool management of presets
Actions in the admin preset tool did not include the necessary token to prevent a CSRF...
6.9AI Score
CVE-2024-34000 moodle: stored XSS in lesson overview report via user ID number
ID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS...
5.9AI Score
CVE-2024-33999 moodle: unsafe direct use of $_SERVER['HTTP_REFERER'] in admin/tool/mfa/index.php
The referrer URL used by MFA required additional sanitizing, rather than being used...
7.2AI Score
CVE-2024-33998 moodle: stored XSS via user's name on participants page when opening some options
Insufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some...
6AI Score
CVE-2024-33997 moodle: stored XSS risk when editing another user's equation in equation editor
Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's...
6AI Score
CVE-2024-33996 moodle: broken access control when setting calendar event type
Incorrect validation of allowed event types in a calendar web service made it possible for some users to create events with types/audiences they did not have permission to publish...
7AI Score
An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the...
6.9AI Score
libmodbus v3.1.6 was discovered to contain a heap overflow via the modbus_mapping_free()...
7.9AI Score
libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx->backend pointer. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the...
7.3AI Score
CVE-2024-23316 PingAccess HTTP Request Desynchronization Weakness
HTTP request desynchronization in Ping Identity PingAccess, all versions prior to 8.0.1 affected allows an attacker to send specially crafted http header requests to create a request smuggling condition for proxied...
7AI Score
Metasploit Weekly Wrap-Up 05/31/2024
Quis dīrumpet ipsos dīrumpēs In this release, we feature a double-double: two exploits each targeting two pieces of software. The first pair is from h00die targeting the Jasmine Ransomeware Web Server. The first uses CVE-2024-30851 to retrieve the login for the ransomware server, and the second...
8.3AI Score
0.005EPSS
CVE-2024-5564 Libndp: buffer overflow in route information length field
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length...
7AI Score
An issue in coap_msg.c in Keith Cullen's FreeCoAP v.0.7 allows remote attackers to cause a Denial of Service or potentially disclose information via a specially crafted...
6.9AI Score
Insufficient user input filtering leads to arbitrary file read by non-authenticated attacker, which results in sensitive information...
6.6AI Score
An unrestricted file upload vulnerability in web component of Ivanti Neurons for ITSM allows a remote, authenticated, high privileged user to write arbitrary files into sensitive directories of ITSM...
7AI Score
A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as...
7.6AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary...
8.3AI Score
An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x allows an authenticated, privileged user to execute arbitrary commands as...
7.8AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary...
8.7AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary...
8.3AI Score
A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux before 22.7R1, allows a low privileged user to execute code as...
7.5AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary...
8.7AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary...
8.7AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary...
8.3AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary...
8.7AI Score
A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote authenticated user to read/modify/delete information in the underlying database. This may also lead to...
7.6AI Score
A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and...
8.3AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary...
8.3AI Score