47 matches found
SUSE-SU-2026:1361-1 Security update for himmelblau
This update for himmelblau fixes the following issues: Update to version 2.3.9+git0.a9fd29b; jscPED-14511: - CVE-2026-34397: Fix LPE due to name collision during NSS fake-primary group lookup bsc1261324. - CVE-2026-31979: Fix race condition when accessiung /tmp/krb5ccuid bsc1259548. -...
Linux Distros Unpatched Vulnerability : CVE-2019-11738
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a Content Security Policy CSP directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will...
CVE-2020-11738
The Snap Creek Duplicator plugin before 1.3.28 for WordPress and Duplicator Pro before 3.8.7.1 allows Directory Traversal via ../ in the file parameter to duplicatordownload or duplicatorinit...
CVE-2024-11738
A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...
CVE-2024-11738
A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...
CVE-2024-11738 Rustls: rustls network-reachable panic in `acceptor::accept`
A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...
CVE-2024-11738
CVE-2024-11738 affects Rustls 0.23.13 and related APIs, enabling a denial-of-service (panic) via a fragmented TLS ClientHello message. Public documents (including IBM DataPower Bulletin and MSRC) confirm the vulnerability and provide remediation guidance. Impact is a panic causing service disrupt...
CVE-2024-11738 Rustls: rustls network-reachable panic in `acceptor::accept`
A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...
WordPress Duplicator File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Duplicator File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in...
Ubuntu: Security Advisory (USN-4122-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0368)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Firefox Security Advisory (MFSA2019-25) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
WordPress Duplicator 1.3.26 Arbitrary File Read
Exploit Title: Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read Date: October 16, 2021 Exploit Author: nam3lum Vendor Homepage: https://wordpress.org/plugins/duplicator/ Software Link: https://downloads.wordpress.org/plugin/duplicator.1.3.26.zip Version: 1.3.26 Tested on:...
Wordpress Duplicator 1.3.26 Plugin - Unauthenticated Arbitrary File Read Exploit
Exploit Title: Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read Exploit Author: nam3lum Vendor Homepage: https://wordpress.org/plugins/duplicator/ Software Link: https://downloads.wordpress.org/plugin/duplicator.1.3.26.zip Version: 1.3.26 Tested on: Ubuntu 16.04 CVE :...
Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read
Exploit Title: Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read Date: October 16, 2021 Exploit Author: nam3lum Vendor Homepage: https://wordpress.org/plugins/duplicator/ Software Link: https://downloads.wordpress.org/plugin/duplicator.1.3.26.zip Version: 1.3.26 Tested on:...
VulnCheck KEV: CVE-2020-11738
WordPress Snap Creek Duplicator plugin contains a file download vulnerability when an administrator creates a new copy of their site that allows an attacker to download the generated files from their Wordpress dashboard. This vulnerability affects Duplicator and Dulplicator Pro...
WordPress Duplicator File Read Vulnerability
This module exploits an unauthenticated directory traversal vulnerability in WordPress plugin 'Duplicator' version 1.3.24-1.3.26, allowing arbitrary file read with the web server privileges. This vulnerability was being actively exploited when it was discovered. Module Options msf use...
CVE-2020-11738
creationtimestamp| type| source ---|---|--- 2020-12-18 22:18:46+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wpduplicatorfileread.rb 2021-11-08 08:58:20+00:00| seen| MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422 2021-11-20 09:53:52+00:00| seen...
Wordpress Duplicator 1.3.26 Plugin - Unauthenticated Arbitrary File Read Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Duplicator File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in...
Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Duplicator File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in...