The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's menu and shape widgets in all versions up to, and including, 4.10.30 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
6.4CVSS
5.7AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix htt pktlog locking The ath11k active pdevs are protected by RCU but the htt pktlog handling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. Mark the code in question as....
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix dfs radar event locking The ath11k active pdevs are protected by RCU but the DFS radar event handling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. Mark the code in...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: i2c: core: Run atomic i2c xfer when !preemptible Since bae1d3a05a8b, i2c transfers are non-atomic if preemption is disabled. However, non-atomic i2c transfers require preemption (e.g. in wait_for_completion() while waiting for the....
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix gtk offload status event locking The ath11k active pdevs are protected by RCU but the gtk offload status event handling code calling ath11k_mac_get_arvif_by_vdev_id() was not marked as a read-side critical...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dfs-radar and temperature event locking The ath12k active pdevs are protected by RCU but the DFS-radar and temperature event handling code calling ath12k_mac_get_ar_by_pdev_id() was not marked as a read-side...
6.7AI Score
0.0004EPSS
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's menu and shape widgets in all versions up to, and including, 4.10.30 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
6.4CVSS
5.9AI Score
0.001EPSS
(RHSA-2024:3319) Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters (CVE-2024-1086) kernel: hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982) For more...
6.8AI Score
0.011EPSS
(RHSA-2024:3316) Important: Migration Toolkit for Applications security and bug fix update
Migration Toolkit for Applications 7.0.3 Images Security Fix(es) from Bugzilla: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288) webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180) axios: exposure of...
7.4AI Score
EPSS
The Awesome Contact Form7 for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'AEP Contact Form 7' widget in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for....
6.4CVSS
5.9AI Score
0.0004EPSS
The Awesome Contact Form7 for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'AEP Contact Form 7' widget in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for....
6.4CVSS
5.7AI Score
0.0004EPSS
The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpc_check_for_submission function. This makes it possible for...
5.3CVSS
6.9AI Score
0.001EPSS
The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpc_check_for_submission function. This makes it possible for...
5.3CVSS
5.7AI Score
0.001EPSS
CVE-2024-1855 WPCafe <= 2.2.23 - Unauthenticated Blind Server-Side Request Forgery
The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpc_check_for_submission function. This makes it possible for...
5.3CVSS
5.7AI Score
0.001EPSS
CVE-2024-1855 WPCafe <= 2.2.23 - Unauthenticated Blind Server-Side Request Forgery
The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpc_check_for_submission function. This makes it possible for...
5.3CVSS
7AI Score
0.001EPSS
The Awesome Contact Form7 for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'AEP Contact Form 7' widget in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for....
6.4CVSS
5.9AI Score
0.0004EPSS
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3214 advisory. The gmp packages contain GNU MP, a library for arbitrary precision arithmetics, signed integers operations, rational numbers, and floating point...
7.5CVSS
7.8AI Score
0.006EPSS
RHEL 8 : resource-agents (RHSA-2024:2952)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2952 advisory. The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several....
5.9CVSS
6.2AI Score
0.001EPSS
RHEL 8 : container-tools:rhel8 (RHSA-2024:2988)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2988 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): *...
7.5CVSS
8.4AI Score
0.963EPSS
openSUSE 15 Security Update : gitui (openSUSE-SU-2024:0135-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2024:0135-1 advisory. - update to version 0.26.2: * respect configuration for remote when fetching (also applies to pulling) * add : character to sign-off trailer...
5.9CVSS
8AI Score
0.963EPSS
kernel security, bug fix, and enhancement update
[4.18.0-553.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with...
9.8CVSS
8AI Score
EPSS
Floating Chat Widget < 3.2.3 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). PoC 1. Go "Chaty > Create New...
5.4AI Score
0.0004EPSS
RHEL 7 : kernel (RHSA-2024:3319)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3319 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: netfilter: nf_tables:...
7.8CVSS
7.5AI Score
0.011EPSS
Apache Tomcat 7.0.0 < 7.0.99 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 7.0.99. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_7.0.99_security-7 advisory. When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to...
7.5CVSS
7.8AI Score
0.004EPSS
Floating Chat Widget < 3.2.3 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
5.7AI Score
0.0004EPSS
The version of Tomcat installed on the remote host is prior to 8.5.38. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.5.38_security-8 advisory. The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with ...
7.5CVSS
7.2AI Score
0.727EPSS
Premium Addons for Elementor < 4.10.32 - Contributor+ Stored XSS
Description The plugin is vulnerable to Stored Cross-Site Scripting via the plugin's menu and shape widgets due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject....
6.4CVSS
5.8AI Score
0.001EPSS
RHEL 8 : fence-agents (RHSA-2024:2968)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2968 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...
6.1CVSS
6.6AI Score
0.001EPSS
USN-6733-1: GnuTLS vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-28834) It was...
5.3CVSS
7.4AI Score
0.0005EPSS
VuFind Server-Side Request Forgery (SSRF) vulnerability
A Server-Side Request Forgery (SSRF) vulnerability in the /Upgrade/FixConfig route in Open Library Foundation VuFind 2.0 through 9.1 before 9.1.1 allows a remote attacker to overwrite local configuration files to gain access to the administrator panel and achieve Remote Code Execution. A...
7.9AI Score
EPSS
VuFind Server-Side Request Forgery (SSRF) vulnerability
A Server-Side Request Forgery (SSRF) vulnerability in the /Upgrade/FixConfig route in Open Library Foundation VuFind 2.0 through 9.1 before 9.1.1 allows a remote attacker to overwrite local configuration files to gain access to the administrator panel and achieve Remote Code Execution. A...
7.6AI Score
EPSS
VuFind Server-Side Request Forgery (SSRF) vulnerability
A Server-Side Request Forgery (SSRF) vulnerability in the /Cover/Show route (showAction in CoverController.php) in Open Library Foundation VuFind 2.4 through 9.1 before 9.1.1 allows remote attackers to access internal HTTP servers and perform Cross-Site Scripting (XSS) attacks by proxying...
6.3AI Score
EPSS
VuFind Server-Side Request Forgery (SSRF) vulnerability
A Server-Side Request Forgery (SSRF) vulnerability in the /Cover/Show route (showAction in CoverController.php) in Open Library Foundation VuFind 2.4 through 9.1 before 9.1.1 allows remote attackers to access internal HTTP servers and perform Cross-Site Scripting (XSS) attacks by proxying...
6.5AI Score
EPSS
(RHSA-2024:2729) Important: Red Hat OpenStack Platform 17.1 (etcd) security update
A highly-available key value store for shared configuration Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326) crypto/tls:...
8.4AI Score
0.732EPSS
(RHSA-2024:2730) Important: Red Hat OpenStack Platform 17.1 (collectd-sensubility) security update
This project aims to provide the possibility to switch from Sensu-based availability monitoring solution to a monitoring solution based on collectd with AMQP-1.0 messaging bus. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) ...
7.4AI Score
0.001EPSS
(RHSA-2024:2767) Important: Red Hat OpenStack Platform 17.1 (collectd-sensubility) security update
This project provides the possibility to switch from the Sensu-based availability monitoring solution to a monitoring solution based on collectd with AMQP-1.0 messaging bus. Security Fix(es): Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) net/http/internal: Denial...
7.4AI Score
0.001EPSS
HackerOne: Access Control Vulnerability Enabling Unauthorized Access to Limited Disclosure Reports
Summary: Hi there, I hope you are doing well :) I found a vulnerability which allows me to close a report as duplicate of another program report. This can cause problems in various ways, i will include some of them and rest needs to be verified on Hackerone side what additional impact it can...
7.2AI Score
A Server-Side Request Forgery (SSRF) vulnerability in the /Cover/Show route (showAction in CoverController.php) in Open Library Foundation VuFind 2.4 through 9.1 before 9.1.1 allows remote attackers to access internal HTTP servers and perform Cross-Site Scripting (XSS) attacks by proxying...
6.3AI Score
EPSS
A Server-Side Request Forgery (SSRF) vulnerability in the /Cover/Show route (showAction in CoverController.php) in Open Library Foundation VuFind 2.4 through 9.1 before 9.1.1 allows remote attackers to access internal HTTP servers and perform Cross-Site Scripting (XSS) attacks by proxying...
6.1AI Score
EPSS
A Server-Side Request Forgery (SSRF) vulnerability in the /Cover/Show route (showAction in CoverController.php) in Open Library Foundation VuFind 2.4 through 9.1 before 9.1.1 allows remote attackers to access internal HTTP servers and perform Cross-Site Scripting (XSS) attacks by proxying...
6.3AI Score
EPSS
A Server-Side Request Forgery (SSRF) vulnerability in the /Upgrade/FixConfig route in Open Library Foundation VuFind 2.0 through 9.1 before 9.1.1 allows a remote attacker to overwrite local configuration files to gain access to the administrator panel and achieve Remote Code Execution. A...
7.4AI Score
EPSS
A Server-Side Request Forgery (SSRF) vulnerability in the /Upgrade/FixConfig route in Open Library Foundation VuFind 2.0 through 9.1 before 9.1.1 allows a remote attacker to overwrite local configuration files to gain access to the administrator panel and achieve Remote Code Execution. A...
7.2AI Score
EPSS
Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries
Cybersecurity researchers have disclosed details of a previously undocumented threat group called Unfading Sea Haze that's believed to have been active since 2018. The intrusion singled out high-level organizations in South China Sea countries, particularly military and government targets,...
7.8AI Score
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: explicitly clear ioctl input data As seen from a recent syzbot bug report, mistakes in the compat ioctl implementation can lead to uninitialized kernel stack data getting used as input for driver ioctl handlers......
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 ("scsi: core: Fix error handling of scsi_host_alloc()") changed the allocation logic to call put_device() to perform host cleanup with...
6.5AI Score
0.0004EPSS
Summary External service interaction arises when it is possible to induce an application to interact with an arbitrary external service, such as a web or mail server. The ability to trigger arbitrary external service interactions does not constitute a vulnerability in its own right, and in some...
4.3CVSS
7.1AI Score
0.001EPSS
The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary...
8.5CVSS
6.4AI Score
0.0005EPSS
The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary...
8.5CVSS
8.2AI Score
0.0005EPSS
GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack
Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions (EDRs) and thwart detection in what's called a Bring Your Own Vulnerable Driver (BYOVD) attack. Elastic Security Labs is tracking the campaign under the name...
10CVSS
7.2AI Score
0.976EPSS
The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary...
8.5CVSS
6.5AI Score
0.0005EPSS