148 matches found
EUVD-2004-0446
Malware in sbrugna...
CVE-2022-0477
An issue has been discovered in GitLab affecting all versions starting from 11.9 before 14.5.4, all versions starting from 14.6.0 before 14.6.4, all versions starting from 14.7.0 before 14.7.1. GitLab was not correctly handling bulk requests to delete existing packages from the package registries...
Linux Distros Unpatched Vulnerability : CVE-2014-0477
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of...
CVE-2025-0477
An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to a weak encryption methodology and could allow a threat actor to extract passwords belonging to other users of the application...
CVE-2025-0477 Rockwell Automation FactoryTalk® AssetCentre Data Exposure Vulnerability
An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to a weak encryption methodology and could allow a threat actor to extract passwords belonging to other users of the application...
Photon OS 3.0: Mysql PHSA-2022-3.0-0477
An update of the mysql package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0477. The text itself is copyright (C) VMware, Inc. ...
Photon OS 3.0: Linux PHSA-2022-3.0-0477
An update of the linux package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0477. The text itself is copyright (C) VMware, Inc. ...
RHEL 7 : perl-email-address (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-Email-Address: denial of service when parsing crafted email address list CVE-2015-7686 -...
GitLab 11.9 < 14.5.4 / 14.6.0 < 14.6.4 / 14.7.0 < 14.7.1 (CVE-2022-0477)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 11.9 before 14.5.4, all versions starting from 14.6.0 before 14.6.4, all versions starting from 14.7.0 before 14.7.1. GitLab...
AlmaLinux 9 : frr (ALSA-2024:0477)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0477 advisory. - bgpd/bgpflowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a flowspec overflow. CVE-2023-38406 - bgpd/bgplabel.c in FRRouti...
Oracle Linux 9 : frr (ELSA-2024-0477)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0477 advisory. 8.3.1-11.2 - Add patches for CVE-2023-47235, CVE-2023-47234, CVE-2023-38406, CVE-2023-38407 Tenable has extracted the preceding description block...
CVE-2024-0477
creationtimestamp | type | source
---|---|---
2024-01-13 07:26:39+00:00 | seen | https://t.me/ctinow/167709
2024-02-02 12:06:39+00:00 | seen | https://t.me/ctinow/178041
...
CVE-2024-0477
CVE-2024-0477 affects code-projects Fighting Cock Information System 1.0, with a SQL injection vulnerability in /admin/action/update-deworm.php caused by unsafely handling the usage_deworm argument. The issue is exploitable remotely, and the vulnerability has been publicly disclosed. Multiple sou...
CVE-2023-0477
creationtimestamp | type | source
---|---|---
2023-03-13 19:23:17+00:00 | seen | https://t.me/cibsecurity/59915
...
CVE-2023-0477
The Auto Featured Image Auto Post Thumbnail WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. This is caused by incorrect file extension validation...
CVE-2023-0477
CVE-2023-0477 affects the WordPress plugin Auto Featured Image (Auto Post Thumbnail)
CVE-2023-0477 Auto Featured Image < 3.9.16 - Author+ Arbitrary File Upload
The Auto Featured Image Auto Post Thumbnail WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. This is caused by incorrect file extension validation...
WordPress Auto Featured Image (Auto Post Thumbnail) Plugin < 3.9.16 is vulnerable to Arbitrary File Upload
Software: Auto Featured Image Auto Post Thumbnail; Type: Plugin; Vulnerable versions: 3.9.16; Fixed in: 3.9.16; OWASP Top 10: A1: Injection; Classification: Arbitrary File Upload; CVE: CVE-2023-0477; Patch priority: High; CVSS severity: High 9.1; Developer: Claim ownership; PSID: ad8cfc8bf738; Credits: dc11; Required...
Wordfence Intelligence CE Weekly Vulnerability Report (Feb 6, 2023 to Feb 12, 2023)
In case you missed it, Wordfence has curated an industry-leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence Community Edition. This database is continuously updated, maintained, and populated by Wordfence's highly...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Tivoli Storage Productivity Center April 2015 CPU
Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Technology Edition that are shipped and used by Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in April 2015. Vulnerability Detail...