103 matches found
Oracle Linux 7 : sssd (ELSA-2023-0403)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-0403 advisory. 1.16.5-10.0.3 - Revert Redhat's change of disallowing duplicated incomplete gid when 'idprovider=ldap' is used, which caused regression in AD environment. Orabu...
RHEL 7 : sssd (RHSA-2023:0403)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0403 advisory. The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It...
CVE-2023-0403
Vulnerability summary (CVE-2023-0403) : The WordPress Social Warfare plugin (versions up to and including 4.4.0) suffers a Cross-Site Request Forgery due to missing/incorrect nonce validation on several AJAX actions. This allows unauthenticated attackers to perform unauthorized actions, notably d...
WordPress Social Warfare Plugin <= 4.3.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Social Warfare Type Plugin Vulnerable versions = 4.3.1 Fixed in 4.4.0 OWASP Top 10 A8: Cross Site Request Forgery CSRF Classification Cross Site Request Forgery CSRF CVE CVE-2023-0403 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2ad0dd31224b Credits Marco...
Mageia: Security Advisory (MGASA-2022-0403)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-0403
The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the elFinder library, which is know to be affected by security issues CVE-2021-32682, and does not have any authorisation as well as CSRF checks in its connector AJAX action, allowing any authenticated users,...
CVE-2022-0403
CVE-2022-0403 relates to the WordPress plugin Library File Manager (up to version 5.2.3) using an outdated elFinder library that is vulnerable (CVE-2021-32682). The root cause is lack of authorization and CSRF protection in the connector AJAX action, allowing any authenticated user, even at Subsc...
Mageia: Security Advisory (MGASA-2020-0403)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2016-0403)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0403)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2019-0403)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0266-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0266-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0266-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0246-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-0403
creationtimestamp| type| source ---|---|--- 2021-02-27 00:39:37+00:00| seen| https://t.me/cibsecurity/24257...
CVE-2021-0403
CVE-2021-0403 affects MediaTek netdiag on Android-11 . The root cause is a missing permission check in netdiag that can cause local information disclosure with System execution privileges needed. Exploitation requires no user interaction (local attack). Publicly documented patch: ALPS05475124 . E...
CVE-2020-0403
CVE-2020-0403 affects the FPC TrustZone fingerprint app and can enable local elevation of privilege in the TEE via an exposed test feature, requiring System-level privileges with no user interaction (per the NVD/Red Hat/PRION entries). The issue is categorized as Elevation of Privilege (EoP) affe...
CVE-2019-0403
The CVE-2019-0403 case concerns SAP Enable Now (before version 1911). The available connected sources confirm a vulnerability in CSV handling where an attacker can input commands into CSV files, and those commands are executed when the file is opened, resulting in CSV Command Injection. The root ...
CVE-2019-0403
SAP Enable Now, before version 1911, allows an attacker to input commands into the CSV files, which will be executed when opened, leading to CSV Command Injection...