
17 matches found

Positive Technologies
added 2024/09/24 12:0 a.m. · 4 views

PT-2024-38381 · WordPress · Husky – Products Filter Professional

Name of the Vulnerable Software and Affected Versions: HUSKY – Products Filter Professional for WooCommerce plugin for WordPress versions up to, and including, 1.3.6.1 Description: The issue is related to Insecure Direct Object Reference. It affects the plugin via the woof messenger remove subscr...

CVSS 5.3 · AI score 7 · EPSS 0.00275
Exploits: 0 · References: 7

OSV
added 2024/08/13 11:15 a.m. · 2 views

CVE-2024-43121

Improper Privilege Management vulnerability in realmag777 HUSKY allows Privilege Escalation. This issue affects HUSKY: from n/a through 1.3.6.1...

CVSS 7.2 · AI score 5.8
Exploits: 0 · References: 1

NVD
added 2024/08/13 11:15 a.m. · 17 views

CVE-2024-43121

Improper Privilege Management vulnerability in realmag777 HUSKY allows Privilege Escalation. This issue affects HUSKY: from n/a through 1.3.6.1...

CVSS 9.1 · EPSS 0.00452
Exploits: 0 · References: 1

CVE
added 2024/08/13 10:50 a.m. · 61 views

CVE-2024-43121

CVE-2024-43121 involves the HUSKY – Products Filter Professional for WooCommerce extension. Multiple sources (Red Hat, Wordfence) confirm an Improper Privilege Management vulnerability allowing Privilege Escalation. Affected product: HUSKY versions from unknown up to 1.3.6.1. Public disclosure in...

CVSS 9.1 · AI score 7 · EPSS 0.00452
Exploits: 0 · References: 1 · Affected Software: 1

CNNVD
added 2024/08/13 12:0 a.m. · 2 views

WordPress plugin HUSKY security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS 9.1 · AI score 6.7 · EPSS 0.00452
Exploits: 0 · References: 2

Positive Technologies
added 2024/08/13 12:0 a.m. · 4 views

PT-2024-30309 · Husky · Husky

Name of the Vulnerable Software and Affected Versions: HUSKY versions 1.3.6.1 and earlier Description: The issue is related to Improper Privilege Management, allowing Privilege Escalation in the HUSKY software. Recommendations: For versions 1.3.6.1 and earlier, at the moment, there is no...

CVSS 9.1 · AI score 6.5 · EPSS 0.00452
Exploits: 0 · References: 9

Patchstack
added 2024/08/07 9:53 a.m. · 4 views

WordPress HUSKY plugin <= 1.3.6.1 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin HUSKY versions <= 1.3.6.1...

CVSS 9.1 · AI score 7 · EPSS 0.00452
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2024/05/13 11:42 a.m. · 21 views

Security Bulletin: A vulnerability in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2024-22354)

Summary IBM WebSphere Application Server Liberty is vulnerable to an XML External Entity XXE injection vulnerability. Vulnerability Details CVEID:CVE-2024-22354 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are...

CVSS 7 · AI score 7.4 · EPSS 0.00649
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2024/03/19 5:15 p.m. · 44 views

Security Bulletin: A Bouncy Castle vulnerability has been identified in Apache Solr and Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2023-33201)

Summary There is a potential injection vulnerability in Bouncy Castle that is used by Apache Solr and Logstash. This has been addressed Vulnerability Details CVEID:CVE-2023-33201 DESCRIPTION: The Bouncy Castle Crypto Package For Java bc-java could allow a remote attacker to obtain sensitive...

CVSS 5.3 · AI score 6.1 · EPSS 0.00766
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2024/03/19 3:24 p.m. · 22 views

Security Bulletin: Multiple vulnerabilities affect Apache Solr, Apache Zookeeper and Logstash shipped with IBM Operations Analytics - Log Analysis

Summary The following security issues have been identified in Netty component included as part of Apache Solr, Apache Zookeeper and Logstash product Vulnerability Details CVEID:CVE-2023-34462 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw with allocating up to 16MB of...

CVSS 7.4 · AI score 7.7 · EPSS 0.02459
Exploits: 2 · Affected Software: 1

OSV
added 2023/11/30 1:15 p.m. · 2 views

CVE-2023-41127

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Evergreen Content Poster Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media allows Stored XSS. This issue affects Evergreen Content Poster – Auto Post and Schedule...

CVSS 4.8 · AI score 7.3 · EPSS 0.00386
Exploits: 0 · References: 1

IBM Security Bulletins
added 2022/11/22 1:1 p.m. · 48 views

Security Bulletin: Information disclosure in FasterXML Jackson Dataformats affect IBM Operations Analytics - Log Analysis (CVE-2020-28491)

Summary FasterXML jackson-dataformat-cbor is susceptible to denial of service, caused by java.lang.OutOfMemoryError exception. Vulnerability Details CVEID:CVE-2020-28491 DESCRIPTION: FasterXML jackson-dataformats-binary is vulnerable to a denial of service, caused by an unchecked allocation of by...

CVSS 7.5 · AI score 7.3 · EPSS 0.03074
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2022/11/22 9:43 a.m. · 73 views

Security Bulletin: Potential vulnerability in Apache Calcite Avatica affects IBM Operations Analytics - Log Analysis (CVE-2022-36364)

Summary Prior to version 1.22.0 vulnerability in Apache Calcite Avatica allow a remote attacker to execute arbitrary code on the system. This has been fixed. Vulnerability Details CVEID:CVE-2022-36364 DESCRIPTION: Apache Calcite Avatica could allow a remote attacker to execute arbitrary code on t...

CVSS 8.8 · AI score 8.9 · EPSS 0.02186
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2020/08/28 4:11 a.m. · 13 views

Security Bulletin: Query Parameter in SSL vulnerability in IBM Operations Analytics - Log Analysis

Summary When session timeout occurs, Log Analysis UI asks to re-enter the password. Requests sent over SSL contain the query parameter name, value or combination of values like username and password. Vulnerability Details Third Party Entry: PSIRT-ADV0022529 DESCRIPTION: Created from Advisory:...

AI score 1.7
Exploits: 0 · Affected Software: 1

Oracle Linux
added 2018/03/07 12:0 a.m. · 32 views

389-ds-base security and bug fix update

1.3.6.1-28 - Bump version to 1.3.6.1-28 - Resolves: Bug 1540105 - CVE-2018-1054 - remote Denial of Service DoS via search filters in SetUnicodeStringFromUTF8 1.3.6.1-27 - Bump version to 1.3.6.1-27 - Resolves: Bug 1536343 - Indexing of internationalized matching rules is failing - Resolves: Bug...

CVSS 8.1 · AI score 4.1 · EPSS 0.04817
Exploits: 0

OSV
added 2018/01/24 3:29 p.m. · 2 views

DEBIAN-CVE-2017-15135

It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0.3 did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use this flaw to bypass the authentication process under very rare an...

CVSS 8.1 · AI score 8.1 · EPSS 0.03901
Exploits: 0 · References: 1

Cvelist
added 2006/12/07 1:0 a.m. · 53 views

CVE-2006-6339

SQL injection vulnerability in sites/index.php in deV!Lz Clanportal DZCP before 1.3.6.1 allows remote attackers to execute arbitrary SQL commands via the show element in a GET request...

AI score 8.3 · EPSS 0.01168
Exploits: 1 · References: 6