90 matches found
ECHO-9CFA-3451-0E1E
Bulletin has no description...
CVE-2022-3451
The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow to update arbitrary options...
Linux Distros Unpatched Vulnerability : CVE-2015-3451
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The clone function in XML::LibXML before 2.0119 does not properly set the expandentities option, which allows remote attackers to conduct XML external entity XX...
Linux Distros Unpatched Vulnerability : CVE-2010-3451
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or...
RHEL 6 : perl-xml-libxml (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-XML-LibXML: Use-after-free by controlling the arguments to a replaceChild call CVE-2017-10672 - The...
RHEL 7 : perl-xml-libxml (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-XML-LibXML: Use-after-free by controlling the arguments to a replaceChild call CVE-2017-10672 - The...
RHEL 5 / 6 : JBoss Enterprise Web Platform 5.2.0 (RHSA-2013:0259)
The remote Redhat Enterprise Linux 5 / 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2013:0259 advisory. - jbossws-cxf, apache-cxf: SOAPAction spoofing on document literal web services CVE-2012-3451 - jbossws-cxf, apache-cxf: Bypass of...
CVE-2023-3451
Rejected reason: Duplicate CVE. Please use CVE-2023-32297...
PT-2023-24909 · Undefined · Undefined
‼ CVE-2023-3451 ‼ REJECT Duplicate CVE. Please use CVE-2023-32297. 📖 Read via "National Vulnerability Database"...
Debian: Security Advisory (DLA-3451-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DLA-214-1)
The remote host is missing an update for the Debian...
CVE-2022-3451
creationtimestamp | type | source
---|---|---
2022-11-07 12:34:13+00:00 | seen | https://t.me/cibsecurity/52585...
CVE-2022-3451 Product Stock Manager < 1.0.5 - Subscriber+ Unauthorised AJAX Calls
The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow to update arbitrary options...
CVE-2022-3451
The CVE-2022-3451 entry concerns the Product Stock Manager WordPress plugin up to version 1.0.4 (pre‑1.0.5). Reports in multiple connected sources confirm a lack of proper authorization and CSRF checks in several AJAX actions, enabling users with a role as low as subscriber to call these actions ...
CVE-2022-3451 Product Stock Manager < 1.0.5 - Subscriber+ Unauthorised AJAX Calls
The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow to update arbitrary options...
openSUSE: Security Advisory for rust1.62 (SUSE-SU-2022:3451-1)
The remote host is missing an update for the...
Mageia: Security Advisory (MGASA-2015-0199)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2021:3451-1)
The remote host is missing an update for the...
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:3451-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3451-1 advisory. - Uninitialized memory in a canvas object could have caused an incorrect free leading to memory corruption and a potentially exploitab...
openSUSE 15 Security Update : MozillaFirefox (openSUSE-SU-2021:3451-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3451-1 advisory. - Uninitialized memory in a canvas object could have caused an incorrect free leading to memory corruption and a potentially exploitable...