ImageMapper <= 1.2.6 - Contributor+ Stored XSS
Description: The plugin does not validate and escape some of its imagemap shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
5.4 CVSS
7.7 AI Score
0.0004 EPSS
Intel® Ethernet Controllers and Adapters Advisory
Summary: A potential security vulnerability in some Intel® Ethernet Controllers and Adapters may allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-28376 Description: Out-of-bounds read in the firmware for...
7.2 AI Score
0.0005 EPSS
Lines of code Vulnerability details Impact The airDropTokens() function in the NextGenCore contract is responsible for minting and transferring an NFT to a user, exclusively called by the MinterContract. However, the execution of airDropTokens() within MinterContract#mintAndAuction() prior to...
7.1 AI Score
Lines of code Vulnerability details Impact The setCollectionCosts() function within the MinterContract is utilized to establish the collection costs and sales model for an upcoming collection sale. As outlined in the documentation, the expectation is that one token can be minted and auctioned...
6.8 AI Score
Nextcloud: Authentication bypass in Global Site Selector allows an attacker to log in as any user
Security advisory at...
9.8 CVSS
7.1 AI Score
0.001 EPSS
Lines of code Vulnerability details Pre-requisite knowledge & an overview of the features in question The AddPartyCardsAuthority contract: The AddPartyCardsAuthority contract is a contract designed to be integrated into a Party and it has only one purpose, and it is to mint new party governance...
7.4 AI Score
slsa-verifier vulnerable to improper validation of npm's publish attestations
Summary slsa-verifier<=2.4.0 does not correctly verify npm's publish attestations signature. Proof of concept Steps to reproduce: 1. curl -Sso attestations.json $(npm view @trishankatdatadog/supreme-goggles --json | jq -r '.dist.attestations.url') 2. curl -Sso supreme-goggles.tgz "$(npm view...
7.2 AI Score
slsa-verifier vulnerable to improper validation of npm's publish attestations
Summary slsa-verifier<=2.4.0 does not correctly verify npm's publish attestations signature. Proof of concept Steps to reproduce: 1. curl -Sso attestations.json $(npm view @trishankatdatadog/supreme-goggles --json | jq -r '.dist.attestations.url') 2. curl -Sso supreme-goggles.tgz "$(npm view...
7.1 AI Score
The ImageMapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'imagemap' shortcode in versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...
5.4 CVSS
0.0004 EPSS
The ImageMapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'imagemap' shortcode in versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...
6.4 CVSS
5.3 AI Score
0.0004 EPSS
The ImageMapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'imagemap' shortcode in versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...
5.4 CVSS
5.9 AI Score
0.0004 EPSS
The ImageMapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'imagemap' shortcode in versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...
6.4 CVSS
5.8 AI Score
0.0004 EPSS
What is a Cloud Native Application Protection Platform CNAPP ?
Revealing the Secrets of the Cloud-specific Application Safety Platform (CSASP) In the landscape of online safety, the notion of the Cloud-specific Application Safety Platform (CSASP) is something relatively unheard of, but rapidly gaining popularity. Intuitively from its name, CSASP is a system...
7.6 AI Score
Ubuntu 18.04 ESM : Symfony vulnerability (USN-4836-1)
The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4836-1 advisory. An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows...
9.8 CVSS
7.2 AI Score
0.006 EPSS
Ubuntu 18.04 ESM / 20.04 ESM : Symfony vulnerabilities (USN-5290-1)
The remote Ubuntu 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5290-1 advisory. Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was...
6.5 CVSS
7.4 AI Score
0.001 EPSS
Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM : jQuery UI vulnerability (USN-5181-1)
The remote Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5181-1 advisory. jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the of option of...
6.5 CVSS
6.9 AI Score
0.004 EPSS
An analysis of an in-the-wild iOS Safari WebContent to GPU Process exploit
By Ian Beer A graph representation of the sandbox escape NSExpression payload In April this year Google's Threat Analysis Group, in collaboration with Amnesty International, discovered an in-the-wild iPhone zero-day exploit chain being used in targeted attacks delivered via malicious link. The...
8.8 CVSS
7.4 AI Score
0.016 EPSS
payableCall in VirtualAccount isn’t protected by requiresApprovedCaller modifier
Lines of code https://github.com/code-423n4/2023-09-maia/blob/main/src/RootBridgeAgent.sol#L248 Vulnerability details Impact: Due to the lack of access control in the payableCall function of the VirtualAccount contract, anyone can call payableCall on a user's virtual account. An attacker can use this...
7.1 AI Score
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5486 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
9.8 CVSS
8.2 AI Score
0.004 EPSS
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5485 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
9.8 CVSS
8.2 AI Score
0.004 EPSS
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes....
9.4 AI Score
0.004 EPSS
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes....
9.4 AI Score
0.004 EPSS
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes....
9.4 AI Score
0.004 EPSS
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : jQuery UI vulnerabilities (USN-6419-1)
The remote Ubuntu 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6419-1 advisory. Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML...
6.5 CVSS
8 AI Score
0.005 EPSS
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5484 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
9.8 CVSS
8.2 AI Score
0.004 EPSS
Summary: Applications using jQuery before 3.4.0 are vulnerable to cross-site scripting (CVE-2019-11358). The following IBM® Engineering Lifecycle Engineering product is vulnerable to this attack; it has been addressed in this bulletin: IBM Jazz Reporting Service. Vulnerability Details ** CVEID:...
6.1 CVSS
6.4 AI Score
0.035 EPSS
A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in...
6.1 CVSS
6.2 AI Score
0.001 EPSS
A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in...
6.1 CVSS
6.1 AI Score
0.001 EPSS
A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in...
6.1 CVSS
6 AI Score
0.001 EPSS
A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in...
6.1 CVSS
6.1 AI Score
0.001 EPSS
A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in...
6.2 AI Score
0.001 EPSS
Lines of code Vulnerability details Impact Medium... a number of features within the protocol will not work if an approval reverts in the escrow or anywhere else. NB: The report mainly focuses on the usage of SafeTransferLib's safeApprove(), but the bug is attached to the underlying call made to...
6.9 AI Score
Oracle Linux 7 : ELSA-2017-1615-1: / kernel (ELSA-2017-16151)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-16151 advisory. The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a MOV SS, NULL selector...
7.5 AI Score
0.905 EPSS
Debian DLA-3551-1 : otrs2 - LTS security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3551 advisory. jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If...
9.8 CVSS
7.8 AI Score
0.061 EPSS
Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers
Technical Analysis by: Thomas Elkins, Natalie Zargarov Contributions: Evan McCann, Tyler McGraw Recently, Rapid7 observed the Fake Browser Update lure tricking users into executing malicious binaries. While analyzing the dropped binaries, Rapid7 determined a new loader is utilized in order to...
8.3 AI Score
mTLS: When certificate authentication is done wrong
Although X.509 certificates have been here for a while, they have become more popular for client authentication in zero-trust networks in recent years. Mutual TLS, or authentication based on X.509 certificates in general, brings advantages compared to passwords or tokens, but you get increased...
8.3 CVSS
9.1 AI Score
0.003 EPSS
Intel® Ethernet Controllers and Adapters Advisory
Summary: A potential security vulnerability in some Intel® Ethernet Controllers and Adapters may allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-22276 Description: Race condition in firmware for some...
6.9 AI Score
0.0004 EPSS
(RHSA-2023:4507) Important: Red Hat JBoss Enterprise Application Platform security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.12 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.11 and includes bug fixes....
6.8 AI Score
0.021 EPSS
(RHSA-2023:4506) Important: Red Hat JBoss Enterprise Application Platform security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.12 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.11 and includes bug fixes....
6.8 AI Score
0.021 EPSS
(RHSA-2023:4505) Important: Red Hat JBoss Enterprise Application Platform security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.12 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.11 and includes bug fixes....
6.8 AI Score
0.021 EPSS
The USDOMarketModule contract's lend function allows for dangerous call delegation
Lines of code Vulnerability details Impact The USDOMarketModule contract is a module that is used by the BaseUSDO contract to facilitate functionality for market actions. The module functionality is invoked through the invocation of a delegatecall within the BaseUSDO contract's _executeModule...
7.1 AI Score
The USDOOptionsModule contract's exercise function allows for dangerous call delegation
Lines of code Vulnerability details Impact The USDOOptionsModule contract is a module that is used by the BaseUSDO contract to facilitate functionality for oTap actions. The module functionality is invoked through the invocation of a delegatecall within the BaseUSDO contract's _executeModule...
7.1 AI Score
The USDOLeverageModule contract's leverageUp function allows for dangerous call delegation
Lines of code Vulnerability details Impact The USDOLeverageModule contract is a module that is used by the BaseUSDO contract to facilitate functionality for leverage actions. The module functionality is invoked through the invocation of a delegatecall within the BaseUSDO contract's _executeModule.....
7.1 AI Score
Liferay DXP 7.4 update 81 < 7.4 update 86 Information Disclosure
The organization selector in Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
4.3 CVSS
4.4 AI Score
0.001 EPSS
Liferay Portal 7.4.3.81 < 7.4.3.86 Information Disclosure
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version....
4.3 CVSS
4.3 AI Score
0.001 EPSS
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all...
4.3 CVSS
4.3 AI Score
0.001 EPSS
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all...
4.3 CVSS
6.7 AI Score
0.001 EPSS
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all...
4.3 CVSS
4.2 AI Score
0.001 EPSS
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all...
4.3 CVSS
4.3 AI Score
0.001 EPSS
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all...
4.3 CVSS
4.6 AI Score
0.001 EPSS