GitHub Desktop 信息泄露漏洞

GitHub Desktop is a GitHub desktop version of GitHub Desktop open source. An information disclosure vulnerability exists in versions prior to GitHub Desktop 3.4.20-beta3, which stems from an attempt by Git to access a network share that could lead to information disclosure...

CVE-2024-32603

Deserialization of Untrusted Data vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.20...

CVE-2024-21697

This High severity RCE Remote Code Execution vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.8, allows an unauthenticated attacker to execute arbitrary code which has...

CVE-2024-32603

Deserialization of Untrusted Data vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.20...

WordPress Plugin BuddyPress 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue...

PT-2024-24725

Name of the Vulnerable Software and Affected Versions ThemeKraft WooBuddy versions 3.4.20 and earlier Description The issue is related to the deserialization of untrusted data, which can lead to potential security risks. There is no information provided about the estimated number of potentially...

WordPress WooBuddy plugin <= 3.4.20 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin WooBuddy versions = 3.4.20...

PT-2024-18637 · WordPress · Buddypress Woocommerce My Account Integration

Name of the Vulnerable Software and Affected Versions: BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages plugin for WordPress versions up to, and including, 3.4.20 Description: The issue concerns PHP Object Injection via deserialization of untrusted input in the get...

iTerm2 Security Vulnerability

iTerm2 is a terminal emulation program written for Mac OS X. A security vulnerability exists in iTerm2 versions prior to 3.4.20 that stems from improper handling of certain escape sequences and allows remote code execution...

iTerm2 Security Vulnerability

iTerm2 is a terminal emulation program written for Mac OS X. A security vulnerability exists in iTerm2 versions prior to 3.4.20 that stems from improper handling of certain escape sequences and allows remote code execution...

CVE-2023-46301

iTerm2 before 3.4.20 allow potentially remote code execution because of mishandling of certain escape sequences related to upload...

CVE-2023-46300

CVE-2023-46300 affects iTerm2 on macOS, with remote code execution possible due to mishandling of certain escape sequences related to tmux integration in versions prior to 3.4.20. The Nessus and Red Hat/NVD records corroborate a RCE class flaw tied to escape sequence handling. Confirmed affected ...

PT-2023-7566 · Iterm2 · Iterm2

Name of the Vulnerable Software and Affected Versions: iTerm2 versions prior to 3.4.20 Description: The issue is related to the mishandling of certain escape sequences related to upload, which can allow potentially remote code execution. This is due to a lack of proper output encoding or escaping...

PT-2023-7565 · Iterm2 · Iterm2

Name of the Vulnerable Software and Affected Versions: iTerm2 versions prior to 3.4.20 Description: The issue is related to the mishandling of certain escape sequences in iTerm2, specifically those related to tmux integration. This can potentially allow a remote attacker to execute arbitrary code...