20 matches found
CVE-2025-15033
A vulnerability in WooCommerce 8.1 to 10.4.2 can allow logged-in customers to access order data of guest customers on sites with a certain configuration. This has been fixed in WooCommerce 10.4.3, as well as all the previously affected versions through point releases, starting from 8.1, where it...
CVE-2025-15033
CVE-2025-15033 affects WooCommerce core 8.1–10.4.2 under a specific site configuration, allowing logged-in customers to view guest order data. The issue is mitigated by patches in 10.4.3 and backported to 8.1.3; sites on 8.0 or earlier are not affected. If applicable, upgrade to 10.4.3 or 8.1.3+ ...
CVE-2025-15033
A vulnerability in WooCommerce 8.1 to 10.4.2 can allow logged-in customers to access order data of guest customers on sites with a certain configuration. This has been fixed in WooCommerce 10.4.3, as well as all the previously affected versions through point releases, starting from 8.1, where it...
CVE-2021-30654
This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to read sensitive information...
SUSE CVE-2025-32093
Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to restrict certain operations on system admins to only other system admins, which allows delegated granular administration users with the "Edit Other Users" permission to perform unauthorized modifications to system...
Incorrect Authorization
Overview: Affected versions of this package are vulnerable to Incorrect Authorization in command.go that allows a user to execute commands on archived channels. Remediation: Upgrade github.com/mattermost/mattermost/server/channels/api4 to version 9.11.9-rc1, 10.3.4, 10.4.3 or higher. References -...
[R2] Nessus Version 10.4.3 Fixes Multiple Vulnerabilities
Arnie Cabral, Tue, 03/07/2023 - 11:30. Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made availabl...
SUSE CVE-2005-4504
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag...
GHSA-2RH4-XGMQ-63JP XXE vulnerability in Jenkins Parasoft Findings Plugin
Parasoft Findings Plugin implements a static analysis parser for various Parasoft products and integrates with Warnings Plugin 10.4.1 and earlier and Warnings NG Plugin 10.4.2 and newer. Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity X...
CVE-2021-30654
This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to read sensitive information...
CVE-2021-30654
This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to read sensitive information...
CVE-2021-32020
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory...
Amazon Web Services FreeRTOS buffer error vulnerability
Amazon FreeRTOS is an open source operating system for microcontrollers from Amazon.com, USA. A security vulnerability exists in Amazon Web Services FreeRTOS versions prior to 10.4.3 that stems from the kernel not having sufficient boundary checks during heap memory management...
Amazon FreeRTOS integer overflow vulnerability (CNVD-2021-31956)
Amazon FreeRTOS is an open source operating system for microcontrollers from Amazon USA. An integer overflow vulnerability exists in queue.c in Amazon FreeRTOS versions prior to 10.4.3. No details of the vulnerability are provided at this time...
Amazon FreeRTOS input validation error vulnerability
Amazon FreeRTOS is an open source operating system for microcontrollers from Amazon USA. An integer overflow vulnerability exists in streambuffer.c in Amazon FreeRTOS versions prior to 10.4.3. No details of the vulnerability are provided at this time...
Amazon FreeRTOS input validation error vulnerability
Amazon FreeRTOS is an open source operating system for microcontrollers from Amazon USA. An integer overflow vulnerability exists in queue.c in Amazon FreeRTOS versions prior to 10.4.3. No details of the vulnerability are provided at this time...
About the security content of GarageBand 10.4.3
This document describes the security content of GarageBand 10.4.3. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases ar...
Apple Security Update: GarageBand 10.4.3 (details available soon)
Apple recommends installing the security update GarageBand 10.4.3 (details available soon) on devices macOS Big Sur...
CVE-2020-2178
What’s affected: Jenkins Parasoft Findings Plugin, versions 10.4.3 and earlier. Root cause: The plugin’s XML parser is not configured to prevent XML external entity (XXE) attacks. Impact: An attacker who can control input to the Parasoft Findings parser could cause the parser t...
Apple Mac OS X KHTMLParser Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16045/info Apple Mac OS X KHTMLParser is affected by a remote denial of service vulnerability. Successful exploitation may cause an application employing KHTMLParser to crash. KHTMLParser is used by Apple Safari Web brows...