Import WP – Import And Export WordPress Data To XML Or CSV Files Security Vulnerabilities

CVE-2010-4226 affecting package cpio 2.13-3

CVE-2010-4226 affecting package cpio 2.13-3. This CVE either no longer is or was never...

CVE-2023-23914 affecting package cmake 3.21.4-3

CVE-2023-23914 affecting package cmake 3.21.4-3. This CVE either no longer is or was never...

CVE-2023-25193 affecting package mozjs60 60.9.0-13

CVE-2023-25193 affecting package mozjs60 60.9.0-13. This CVE either no longer is or was never...

CVE-2022-4304 affecting package cloud-hypervisor 22.0-2

CVE-2022-4304 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...

CVE-2022-4415 affecting package systemd 239-43

CVE-2022-4415 affecting package systemd 239-43. This CVE either no longer is or was never...

CVE-2022-3715 affecting package bash 4.4.23-1

CVE-2022-3715 affecting package bash 4.4.23-1. This CVE either no longer is or was never...

CVE-2022-38128 affecting package binutils 2.36.1-2

CVE-2022-38128 affecting package binutils 2.36.1-2. This CVE either no longer is or was never...

CVE-2021-3996 affecting package util-linux 2.32.1-7

CVE-2021-3996 affecting package util-linux 2.32.1-7. This CVE either no longer is or was never...

CVE-2021-33463 affecting package yasm 1.3.0-14

CVE-2021-33463 affecting package yasm 1.3.0-14. This CVE either no longer is or was never...

CVE-2022-1050 affecting package qemu-kvm 4.2.0-38

CVE-2022-1050 affecting package qemu-kvm 4.2.0-38. This CVE either no longer is or was never...

CVE-2021-34141 affecting package numpy 1.16.6-2

CVE-2021-34141 affecting package numpy 1.16.6-2. This CVE either no longer is or was never...

CVE-2018-25032 affecting package python2 for versions less than 2.7.18-13

CVE-2018-25032 affecting package python2 for versions less than 2.7.18-13. This CVE either no longer is or was never...

CVE-2022-41724 affecting package gcc 9.1.0-7

CVE-2022-41724 affecting package gcc 9.1.0-7. This CVE either no longer is or was never...

CVE-2023-0215 affecting package rust 1.59.0-1

CVE-2023-0215 affecting package rust 1.59.0-1. This CVE either no longer is or was never...

CVE-2022-4450 affecting package rust 1.59.0-1

CVE-2022-4450 affecting package rust 1.59.0-1. This CVE either no longer is or was never...

CVE-2022-4450 affecting package cloud-hypervisor 22.0-2

CVE-2022-4450 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...

CVE-2020-2801 affecting package openjdk8 1.8.0.332-1

CVE-2020-2801 affecting package openjdk8 1.8.0.332-1. This CVE either no longer is or was never...

CVE-2022-38127 affecting package binutils 2.36.1-2

CVE-2022-38127 affecting package binutils 2.36.1-2. This CVE either no longer is or was never...

CVE-2021-35938 affecting package rpm 4.14.2-15

CVE-2021-35938 affecting package rpm 4.14.2-15. This CVE either no longer is or was never...

CVE-2021-3997 affecting package systemd 239-42

CVE-2021-3997 affecting package systemd 239-42. This CVE either no longer is or was never...

CVE-2021-33458 affecting package yasm 1.3.0-14

CVE-2021-33458 affecting package yasm 1.3.0-14. This CVE either no longer is or was never...

CVE-2020-15945 affecting package lua 5.3.5-9

CVE-2020-15945 affecting package lua 5.3.5-9. This CVE either no longer is or was never...

CVE-2023-25193 affecting package qt5-qtbase 5.12.11-7

CVE-2023-25193 affecting package qt5-qtbase 5.12.11-7. This CVE either no longer is or was never...

CVE-2023-25136 affecting package openssh 8.9p1-3

CVE-2023-25136 affecting package openssh 8.9p1-3. This CVE either no longer is or was never...

CVE-2018-25078 affecting package man-db 2.8.4-5

CVE-2018-25078 affecting package man-db 2.8.4-5. This CVE either no longer is or was never...

CVE-2022-3515 affecting package gnupg2 2.2.20-4

CVE-2022-3515 affecting package gnupg2 2.2.20-4. This CVE either no longer is or was never...

CVE-2020-0569 affecting package qt5-qtsvg 5.12.11-4

CVE-2020-0569 affecting package qt5-qtsvg 5.12.11-4. This CVE either no longer is or was never...

CVE-2021-3672 affecting package pgbouncer 1.16.1-1

CVE-2021-3672 affecting package pgbouncer 1.16.1-1. This CVE either no longer is or was never...

CVE-2021-3995 affecting package util-linux 2.32.1-7

CVE-2021-3995 affecting package util-linux 2.32.1-7. This CVE either no longer is or was never...

CVE-2010-4756 affecting package glibc 2.28-24

CVE-2010-4756 affecting package glibc 2.28-24. This CVE either no longer is or was never...

CVE-2023-44487 affecting package containerized-data-importer for versions less than 1.55.0-15

CVE-2023-44487 affecting package containerized-data-importer for versions less than 1.55.0-15. A patched version of the package is...

CVE-2023-44487 affecting package csi-driver-lvm for versions less than 0.4.1-13

CVE-2023-44487 affecting package csi-driver-lvm for versions less than 0.4.1-13. This CVE either no longer is or was never...

CVE-2023-44487 affecting package nmi for versions less than 1.8.7-14

CVE-2023-44487 affecting package nmi for versions less than 1.8.7-14. This CVE either no longer is or was never...

CVE-2023-39325 affecting package vitess for versions less than 16.0.2-5

CVE-2023-39325 affecting package vitess for versions less than 16.0.2-5. This CVE either no longer is or was never...

CVE-2023-44487 affecting package vitess for versions less than 16.0.2-5

CVE-2023-44487 affecting package vitess for versions less than 16.0.2-5. This CVE either no longer is or was never...

CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1

CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1. This CVE either no longer is or was never...

CVE-2024-25637

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-38272 Auth Bypass in Quickshare

There exists a vulnerability in Quickshare/Nearby where an attacker can bypass the accept file dialog on QuickShare Windows. Normally in QuickShare Windows app we can't send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode. We...

CVE-2024-38271 Denial of Service in Quickshare

There exists a vulnerability in Quickshare/Nearby where an attacker can force the a victim to stay connected to a temporary hotspot created for the share. As part of the sequence of packets in a QuickShare connection over Bluetooth, the attacker forces the victim to connect to the attacker’s WiFi.....

CVE-2024-6349

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering...

CVE-2024-4604

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Magarsus Consultancy SSO (Single Sign On) allows Manipulating Hidden Fields.This issue affects SSO (Single Sign On): from 1.0 before...

CVE-2024-4228

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 200 - Exposure of Sensitive Information to an Unauthorized Actor, CWE - 522 - Insufficiently Protected Credentials vulnerability in Magarsus Consultancy SSO (Single Sign On) allows SQL Injection.This issue.....

CVE-2024-4604 Open Redirect in Magarsus Consultancy's SSO

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Magarsus Consultancy SSO (Single Sign On) allows Manipulating Hidden Fields.This issue affects SSO (Single Sign On): from 1.0 before...

New MOVEit Transfer Vulnerability Under Active Exploitation - Patch ASAP!

A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that...

CVE-2024-4228 SQLi in Magarsus Consultancy's SSO

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 200 - Exposure of Sensitive Information to an Unauthorized Actor, CWE - 522 - Insufficiently Protected Credentials vulnerability in Magarsus Consultancy SSO (Single Sign On) allows SQL Injection.This issue.....

CVE-2024-4228 SQLi in Magarsus Consultancy's SSO

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 200 - Exposure of Sensitive Information to an Unauthorized Actor, CWE - 522 - Insufficiently Protected Credentials vulnerability in Magarsus Consultancy SSO (Single Sign On) allows SQL Injection.This issue.....

XAES-256-GCM

About a year ago I wrote that "I want to use XAES-256-GCM/11, which has a number of nice properties and only the annoying defect of not existing." Well, there is now an XAES-256-GCM specification. (Had to give up on the /11 part, but that was just a performance optimization.) XAES-256-GCM is an...

Federal Reserve “breached” data may actually belong to Evolve Bank

A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. On LockBit's dark web leak site, the group threatened to release over 30 TB of banking information containing Americans'...

October System module has a Reflected XSS via X-October-Request-Handler Header

Impact The X-October-Request-Handler Header does not sanitize the AJAX handler name and allows unescaped HTML to be reflected back. There is no impact since this vulnerability cannot be exploited through normal browser interactions. This unescaped value is only detectable when using a proxy...

en.radreisen.at Cross Site Scripting vulnerability OBB-3939116

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...