WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.8.1 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by stealthcopter in WordPress Plugin LA-Studio Element Kit for Elementor versions = 1.3.8.1...

Security Bulletin: Due to use of Apache Kafka, IBM Operations Analytics - Log Analysis is vulnerable to RCE/Denial of Service attack.

Summary Apache Kafka is used by IBM Operations Analytics - Log Analysis as part of Logstash data distribution capabilities. CVE-2025-27819. Vulnerability Details CVEID:CVE-2025-27819 DESCRIPTION: In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule...

IBM Operations Analytics-Log Analysis 安全漏洞

IBM Operations Analytics-Log Analysis is a suite of semi-structured data analysis solutions from International Business Machines IBM. The product is primarily used for application log analysis and problem diagnosis, among other things. A security vulnerability exists in IBM Operations Analytics-L...

IBM Operations Analytics-Log Analysis 安全漏洞

IBM Operations Analytics-Log Analysis is a suite of semi-structured data analysis solutions from International Business Machines IBM. The product is primarily used for application log analysis and problem diagnosis, among other things. A security vulnerability exists in IBM Operations Analytics-L...

Security Bulletin: Denial of Service in Logback used by Apache Zookeeper affect IBM Operations Analytics - Log Analysis (CVE-2023-6481)

Summary There is a potential denial of service in Logback that is used by Apache Zookeeper. This is caused by serialization vulnerability in Logback. Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in...

Security Bulletin: IBM Operations Analytics - Log Analysis is vulnerable to an XML External Entity Injection (XXE) vulnerability

Summary There is a potential XML External Entity Injection XXE vulnerability with reload4j library that is used in IBM Operations Analytics - Log Analysis. This has been addressed. Vulnerability Details IBM X-Force ID: 294027 DESCRIPTION: QOS.CH reload4j allow a remote attacker to obtain sensitiv...

WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.8.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin LA-Studio Element Kit for Elementor versions = 1.3.8.1...

WordPress LA-Studio Element Kit for Elementor Plugin <= 1.3.8.1 is vulnerable to Local File Inclusion

Software LA-Studio Element Kit for Elementor Type Plugin Vulnerable versions = 1.3.8.1 Fixed in 1.3.9 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-37479 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID ddb890f0e5f3 Credits João Pedro S Alcânta...

Security Bulletin: A vulnerability in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2024-22354)

Summary IBM WebSphere Application Server Liberty is vulnerable to an XML External Entity XXE injection vulnerability. Vulnerability Details CVEID:CVE-2024-22354 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are...

CVE-2022-24750

UltraVNC (.3) DSM plugin local privilege escalation affects versions prior to 1.3.8.0. The DSM plugin module in UltraVNC can be exploited by a locally authenticated user to achieve LPE on vulnerable systems. The vulnerability was fixed by enabling loading of plugins from the installed directory,...