WP Content Copy Protection & No Right Click (WordPress Plugin) Security Vulnerabilities

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

CapraRAT Spyware Disguised as Popular Apps Threatens Android Users

The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group's trend of embedding spyware into curated video browsing applications, with a new expansion...

Indian Software Firm's Products Hacked to Spread Data-Stealing Malware

Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply...

End-to-End Secrets Security: Making a Plan to Secure Your Machine Identities

At the heart of every application are secrets. Credentials that allow human-to-machine and machine-to-machine communication. Machine identities outnumber human identities by a factor of 45-to-1 and represent the majority of secrets we need to worry about. According to CyberArk's recent research,...

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. The vulnerability has been assigned the CVE identifier CVE-2024-6387. It resides in the OpenSSH...

Exploit for CVE-2024-37765

Description MachForm up to version 19 is affected by an...

CVE-2024-6387

No description is available for this...

CVE-2024-39430

In faceid servive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...

CVE-2024-39430

In faceid servive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...

CVE-2024-39429

In faceid servive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...

CVE-2024-39429

In faceid servive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: nerdctl, syft, docker, nvidia-device-plugin, grype, k3d, kots, cadvisor, ctop, k3s, kubernetes, newrelic-infrastructure-agent, trivy, zarf, kubescape, zot, runc, ingress-nginx-controller, telegraf, datadog-agent, kaniko, buildkitd, skopeo, wolfictl, skaffold,...

GHSA-VVPX-J8F3-3W6H vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, dynamic-localpv-provisioner, falco, grpcurl, hey, k3d, restic, go,...

CVE-2021-3738 affecting package samba 4.12.5-6

CVE-2021-3738 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-23192 affecting package samba 4.12.5-6

CVE-2021-23192 affecting package samba 4.12.5-6. No patch is available...

CVE-1999-0901 affecting package ypserv 4.1-4

CVE-1999-0901 affecting package ypserv 4.1-4. No patch is available...

CVE-2019-17414 affecting package vino 3.22.0-20

CVE-2019-17414 affecting package vino 3.22.0-20. No patch is available...

CVE-2021-28543 affecting package varnish-modules 0.16.0-4

CVE-2021-28543 affecting package varnish-modules 0.16.0-4. This CVE either no longer is or was never...

CVE-2005-0868 affecting package tn5250 0.17.4-26

CVE-2005-0868 affecting package tn5250 0.17.4-26. No patch is available...

CVE-2019-12280 affecting package toolbox 0.0.18-9

CVE-2019-12280 affecting package toolbox 0.0.18-9. This CVE either no longer is or was never...

CVE-1999-1090 affecting package telnet 0.17-81

CVE-1999-1090 affecting package telnet 0.17-81. This CVE either no longer is or was never...

CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20

CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20. No patch is available...

CVE-2020-14383 affecting package samba 4.12.5-6

CVE-2020-14383 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-14323 affecting package samba 4.12.5-6

CVE-2020-14323 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-14318 affecting package samba 4.12.5-6

CVE-2020-14318 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-21704 affecting package php 7.4.14-3

CVE-2021-21704 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2007-3205 affecting package php 7.4.14-3

CVE-2007-3205 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2011-1429 affecting package mutt 2.2.12-1

CVE-2011-1429 affecting package mutt 2.2.12-1. No patch is available...

CVE-2021-3571 affecting package linuxptp 2.0-8

CVE-2021-3571 affecting package linuxptp 2.0-8. This CVE either no longer is or was never...

CVE-2004-2779 affecting package libid3tag 0.15.1b-33

CVE-2004-2779 affecting package libid3tag 0.15.1b-33. No patch is available...

CVE-2017-1000231 affecting package ldns 1.7.0-31

CVE-2017-1000231 affecting package ldns 1.7.0-31. This CVE either no longer is or was never...

CVE-2017-6833 affecting package audiofile 0.3.6-27

CVE-2017-6833 affecting package audiofile 0.3.6-27. No patch is available...

CVE-2017-6829 affecting package audiofile 0.3.6-27

CVE-2017-6829 affecting package audiofile 0.3.6-27. No patch is available...

CVE-2017-6828 affecting package audiofile 0.3.6-27

CVE-2017-6828 affecting package audiofile 0.3.6-27. No patch is available...

CVE-2012-2653 affecting package arpwatch 2.1a15-51

CVE-2012-2653 affecting package arpwatch 2.1a15-51. No patch is available...

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: coredns, dex, stakater-reloader, cosign, keda, rqlite, kots, istio-envoy, flux-notification-controller, prometheus-stackdriver-exporter, dgraph, nri-prometheus, ip-masq-agent, nginx-stable, goreleaser, minio, cert-manager, sigstore-scaffolding, envoy-ratelimit,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, cosign, keda, syft, velero, cilium-cli, prometheus-beat-exporter, kots, restic, rook, rqlite, falcoctl, spicedb, vertical-pod-autoscaler, flux, configmap-reload, flux-notification-controller, fulcio, prometheus-stackdriver-exporter, dagger,...

CVE-2022-41723 vulnerabilities

Vulnerabilities for packages: gke-gcloud-auth-plugin, dynamic-localpv-provisioner, falco, grpcurl, hey, k3d, restic, go,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: gosu, go-licenses, aactl, flannel-cni-plugin, nats, render-template, gobuster, hey, k3d, go-bindata, mage, sbom-scorecard, sops, vertical-pod-autoscaler, cilium-envoy, configmap-reload, docker-cli, ctop, go-md2man, aws-flb-cloudwatch, prometheus-stackdriver-exporter,.....

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: falcosidekick, nri-mssql, ghaudit, flux, yq, newrelic-prometheus-configurator, dgraph, kubeadm-controlplane-controller, ip-masq-agent, kubernetes-ingress-defaultbackend, trillian, goreleaser, php-fpm_exporter, cfssl, metallb, buildkitd, loki, task, gitness,...

CVE-2022-28506 affecting package giflib 5.2.1-5

CVE-2022-28506 affecting package giflib 5.2.1-5. This CVE either no longer is or was never...

CVE-2021-3847 affecting package kernel 5.15.160.1-1

CVE-2021-3847 affecting package kernel 5.15.160.1-1. No patch is available...

CVE-2021-3618 affecting package sendmail 8.15.2-46

CVE-2021-3618 affecting package sendmail 8.15.2-46. No patch is available...

CVE-2020-25719 affecting package samba 4.12.5-6

CVE-2020-25719 affecting package samba 4.12.5-6. No patch is available...

CVE-2016-2124 affecting package samba 4.12.5-6

CVE-2016-2124 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-0529 affecting package unzip 6.0-20

CVE-2022-0529 affecting package unzip 6.0-20. No patch is available...