120 matches found
EUVD-2020-25140
Malware in sbrugna...
EUVD-2020-25123
Malware in sbrugna...
EUVD-2020-25093
Malware in sbrugna...
EUVD-2020-25111
Malware in sbrugna...
EUVD-2020-25096
Malware in sbrugna...
EUVD-2020-25107
Malware in sbrugna...
CVE-2020-3828
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen...
Incorrect Authorization
Overview: Affected versions of this package are vulnerable to Incorrect Authorization by exposing restricted items in the backend page tree to be viewed by other users, if the mounts pointed to pages restricted for their user/group or if permissions were set to "everybody". Remediation: Upgrade...
Incorrect Authorization
Overview: typo3/cms-core is a free open source enterprise content management system. Affected versions of this package are vulnerable to Incorrect Authorization by exposing restricted items in the backend page tree to be viewed by other users, if the mounts pointed to pages restricted for their...
GHSA-RF5M-H8Q9-9W6Q Information Disclosure in TYPO3 Page Tree
Problem: Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/group, or if no mounts were configured but the pages allowed access to "everybody." However, affected users could not manipulate these pages. Solution: Upda...
CVE-2024-34071 Open Redirect Bypass Protection
Umbraco is an ASP.NET CMS used by more than 730.000 websites. Umbraco has an endpoint that is vulnerable to open redirects. The endpoint is protected so it requires the user to be signed into backoffice before the vulnerability is exposed. This vulnerability has been patched in versions 8.18.14,...
CVE-2024-4392
The Jetpack – WP Security, Backup, Speed, & Growth plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpvideo shortcode in all versions up to, and including, 13.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
PT-2024-30780
Name of the Vulnerable Software and Affected Versions: Jetpack – WP Security, Backup, Speed, & Growth plugin for WordPress versions up to, and including, 13.3.1. Description: The issue is related to Stored Cross-Site Scripting via the plugin's wpvideo shortcode due to insufficient input sanitization...
WordPress Plugin Product Feed PRO for WooCommerce Log Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A log information...
WordPress Product Feed PRO for WooCommerce Plugin <= 13.3.1 is vulnerable to Sensitive Data Exposure
Software: Product Feed PRO for WooCommerce; Type: Plugin; Vulnerable versions: <= 13.3.1; Fixed in: 13.3.2; OWASP Top 10: A5: Security Misconfiguration; Classification: Sensitive Data Exposure; CVE: CVE-2024-32513; Patch priority: Low; CVSS severity: Low 5.3; PSID: 20d6ccb380e3; Credits...
CentOS 8 : webkit2gtk3 (CESA-2023:1919)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:1919 advisory. - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadO...
Rocky Linux 9 : webkit2gtk3 (RLSA-2023:1918)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:1918 advisory. - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1, iOS 16.4.1 and iPadOS...
Oracle Linux 8 : webkit2gtk3 (ELSA-2023-1919)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-1919 advisory. 2.36.7-1.3 - Add patch for CVE-2023-28205 Resolves: 2185740 Tenable has extracted the preceding description block directly from the Oracle Linux security...
RHEL 8 : webkit2gtk3 (RHSA-2023:1919)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1919 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: WebKitGTK: use-after-free leads to arbitrary...
Apple Mac OS X Security Update (HT213721)
Apple Mac OS X is prone to multiple vulnerabilities.