10 matches found
CVE-2025-4683
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createblog function in all versions up to, and including, 4.17.5. This makes it possible for authenticated attackers, wit...
WordPress plugin MStore API 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.5 security update
Red Hat OpenShift Container Platform release 4.17.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...
openSUSE Security Advisory (SUSE-SU-2024:3075-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:3075-1 Security update for xen
This update for xen fixes the following issues: - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460, bsc1228574 - CVE-2024-31146: Fixed PCI device pass-through with shared resources XSA-461, bsc1228575 Other fixes: - Update to Xen 4.17.5 security bug fix release bsc102751...
samba security, bug fix, and enhancement update
evolution-mapi 3.40.1-5 - Related: 2131993 Rebuild against samba 4.17 openchange 2.3-40 - Related: 2131993 Rebuild against samba 4.17 samba 4.17.5-102.0.1 - Fix memleak in nsswinbindinitgroupsdyn Orabug: 34994509 4.17.5-102 - resolves: rhbz2169980 - Fix winbind memory leak - resolves: rhbz2156056...
Lodash < 4.17.5 Prototype Pollution
According to its self-reported version number, Lodash is prior to 4.17.5. It is, therefore, affected by a prototype pollution vulnerability in the functions merge, mergeWith and defaultsDeep which could be tricked into adding or modifying properties of Object.prototype using a constructor payload...
GHSA-FVQR-27WR-82FM Prototype Pollution in lodash
Versions of lodash before 4.17.5 are vulnerable to prototype pollution. The vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of Object via proto causing the addition or modification of an existing property that will exist on al...
Prototype Pollution in lodash
Versions of lodash before 4.17.5 are vulnerable to prototype pollution. The vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of Object via proto causing the addition or modification of an existing property that will exist on al...
[SECURITY] Fedora 27 Update: kernel-4.17.5-100.fc27
The kernel meta package...