132 matches found
CVE-2024-0897
Beaver Builder – WordPress Page Builder (WordPress plugin) contains a stored XSS in the image URL parameter affecting all versions up to 2.7.4.2. Exploitation requires authenticated access (Contributor+) to inject scripts that run for any user visiting the injected page. Remediation: update to ve...
Oracle Linux 8 : kernel (ELSA-2024-0897)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0897 advisory. - net: tls, update curr on splice as well Sabrina Dubroca RHEL-22091 RHEL-19065 CVE-2024-0646 - smb: client: fix potential OOB in smb2dumpdetail Scott...
WordPress Beaver Builder Plugin <= 2.7.4.2 is vulnerable to Cross Site Scripting (XSS)
Software Beaver Builder Type Plugin Vulnerable versions = 2.7.4.2 Fixed in 2.7.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0897 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 410a62f6d482 Credits RandomRoot Required...
CVE-2015-0897
LINE for Android (<=5.0.2) and LINE for iOS (
CVE-2023-0897 Session FIxation in Sielco PolyEco1000
Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being vulnerable to a brute force attack, lack of SSL, and the session being visible in requests...
CVE-2023-0897
CVE-2023-0897 affects Sielco PolyEco1000 family (PolyEco1000 CPU:2.0.6/1.9.4/1.9.3; PolyEco500 1.7.0; PolyEco300 2.0.2/2.0.0) with a session hijack/session fixation risk due to cookies susceptible to brute-force, no SSL, and visible session data in requests. NVD CVSSv3.1 base score 9.8 (CRITICAL)...
CVE-2023-0897 Session FIxation in Sielco PolyEco1000
Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being vulnerable to a brute force attack, lack of SSL, and the session being visible in requests...
Sielco PolyEco FM Transmitter
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Sielco Equipment : PolyEco1000 Vulnerabilities : Session Fixation, Improper Restriction of Excessive Authentication Attempts, Improper Access Control 2. RISK...
SUSE: Security Advisory (SUSE-SU-2023:2754-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.11.1 : libvirt (EulerOS-SA-2023-2081)
According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw was found in libvirt. The qemuMonitorUnregister function in qemuProcessHandleMonitorEOF is called using...
Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2023-2133)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6126-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6126-1: libvirt vulnerabilities
It was discovered that libvirt incorrectly handled the nwfilter driver. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2022-0897 It was discovered that libvirt incorrectly handled queries f...
USN-6126-1 libvirt vulnerabilities
It was discovered that libvirt incorrectly handled the nwfilter driver. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2022-0897 It was discovered that libvirt incorrectly handled queries f...
Ubuntu 22.04 LTS / 23.04 : libvirt vulnerabilities (USN-6126-1)
The remote Ubuntu 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6126-1 advisory. It was discovered that libvirt incorrectly handled the nwfilter driver. A local attacker could possibly use this issue to cause libvirt to crash,...
CLSA-2022-1669237947 libvirt: Fix of CVE-2022-0897
CVE-2022-0897: nwfilter: fix crash when counting number of network filters...
Oracle Linux 9 : libvirt (ELSA-2022-8003)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-8003 advisory. 8.5.0-7.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 8.5.0-7 - securityselinux: Dont ignore NVMe disks when setting image label rhbz2121441 8.5.0-6...
AlmaLinux 9 : libvirt (ALSA-2022:8003)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:8003 advisory. - A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilters mutex before iterating over...
Low: Red Hat Security Advisory: libvirt security, bug fix, and enhancement update
An update for libvirt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
libvirt security, bug fix, and enhancement update
An update is available for libvirt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvirt library contains a C API for managing and interacting with the...