Lucene search
K

9 matches found

OpenVAS
OpenVAS
added 2023/06/09 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2023-2179)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.01002EPSS
Exploits6References2
Circl
Circl
added 2023/05/15 4:43 p.m.7 views

CVE-2023-2179

creationtimestamp| type| source ---|---|--- 2023-05-15 16:43:06+00:00| seen| https://t.me/cibsecurity/64117 2025-01-24 21:05:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3026...

6.5CVSS7.2AI score0.00337EPSS
Exploits2References2
OSV
OSV
added 2023/05/15 1:15 p.m.2 views

CVE-2023-2179

The WooCommerce Order Status Change Notifier WordPress plugin through 1.1.0 does not have authorisation and CSRF when updating status orders via an AJAX action available to any authenticated users, which could allow low privilege users such as subscriber to update arbitrary order status, making...

6.5CVSS7AI score0.00337EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/05/15 12:15 p.m.10 views

CVE-2023-2179 WooCommerce Order Status Change Notifier <= 1.1.0 - Subscriber+ Arbitrary Order Status Update

The WooCommerce Order Status Change Notifier WordPress plugin through 1.1.0 does not have authorisation and CSRF when updating status orders via an AJAX action available to any authenticated users, which could allow low privilege users such as subscriber to update arbitrary order status, making...

7.1AI score0.00337EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/05/15 12:15 p.m.28 views

CVE-2023-2179 WooCommerce Order Status Change Notifier <= 1.1.0 - Subscriber+ Arbitrary Order Status Update

The WooCommerce Order Status Change Notifier WordPress plugin through 1.1.0 does not have authorisation and CSRF when updating status orders via an AJAX action available to any authenticated users, which could allow low privilege users such as subscriber to update arbitrary order status, making...

6.7AI score0.00337EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2023/05/15 12:0 a.m.61 views

Oracle Linux 9 : libguestfs-winsupport (ELSA-2023-2179)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-2179 advisory. 9.2-1 - Rebase to ntfs-3g 2022.5.17 - Fixes: CVE-2021-46790, CVE-2022-30783, CVE-2022-30784, CVE-2022-30785, CVE-2022-30786, CVE-2022-30787,...

7.8CVSS7.1AI score0.00504EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2023/05/14 12:0 a.m.54 views

AlmaLinux 9 : libguestfs-winsupport (ALSA-2023:2179)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2179 advisory. - ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+5123-2. NOTE: the upstream position is that ntfsck is deprecated;...

7.8CVSS7.6AI score0.00504EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2023/05/12 12:0 a.m.41 views

RHEL 9 : libguestfs-winsupport (RHSA-2023:2179)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:2179 advisory. The libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access and...

7.8CVSS7.7AI score0.00504EPSS
Exploits1References14
Patchstack
Patchstack
added 2023/04/27 12:0 a.m.11 views

WordPress WooCommerce Order Status Change Notifier Plugin <= 1.1.0 is vulnerable to Broken Access Control

Software WooCommerce Order Status Change Notifier Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-2179 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 6ed55575f434 Credits...

6.5CVSS6.8AI score0.00337EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder