RCE (Remote Code Execution) at mchange-commons-java dependency in Crucible Server

This High severity RCE Remote Code Execution vulnerability was introduced in version 4.9.0 of Crucible Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.9 and a CVSS Vector of code:java CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:Hcode allows an...

EUVD-2023-56382

Malicious code in bioql PyPI...

CVE-2024-32821

Missing Authorization vulnerability in TotalSuite Total Poll Lite.This issue affects Total Poll Lite: from n/a through 4.9.9...

WordPress plugin EventON 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-56265

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpweb WooCommerce PDF Vouchers woocommerce-pdf-vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a through 4.9.9...

CVE-2024-56265

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPWeb WooCommerce PDF Vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.9...

CVE-2024-56265 WordPress WooCommerce - PDF Vouchers plugin < 4.9.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPWeb WooCommerce PDF Vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.9...

WordPress plugin WooCommerce PDF Vouchers 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...

PT-2024-36269

Name of the Vulnerable Software and Affected Versions: WooCommerce PDF Vouchers versions prior to 4.9.9 Description: The issue is related to an Incorrect Privilege Assignment, which allows Privilege Escalation. This means that due to the incorrect assignment of privileges, an attacker could...

WordPress WooCommerce - PDF Vouchers plugin < 4.9.9 - Broken Authentication vulnerability

WordPress WooCommerce - PDF Vouchers plugin 4.9.9 - Broken Authentication vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin WooCommerce PDF Vouchers versions 4.9.9...

PowerDNS Recursor DoS Vulnerability (2024-04)

PowerDNS Recursor is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PT-2024-10518 · Powerdns +1 · Powerdns Recursor +1

Name of the Vulnerable Software and Affected Versions: PowerDNS Recursor versions prior to 4.9.9 PowerDNS Recursor versions prior to 5.0.9 PowerDNS Recursor versions prior to 5.1.2 Description: An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and...

WordPress plugin MC4WP 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

PT-2024-39275 · WordPress · Mc4Wp: Mailchimp For Wordpress

Name of the Vulnerable Software and Affected Versions: MC4WP: Mailchimp for WordPress plugin for WordPress versions 4.9.9 through 4.9.16 Description: The issue is related to Reflected Cross-Site Scripting via the email parameter when a placeholder such as email is used for the field. This is due ...

RHSA-2021:4833 Red Hat Security Advisory: OpenShift Container Platform 4.9.9 security update

Bulletin has no description...

WordPress plugin Newsletters 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

Important: Red Hat Security Advisory: Red Hat Certificate System 10.4 for RHEL 8 security and bug fix update

An update for pki-core is now available for Red Hat Certificate System 10.4 for RHEL 8.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

PT-2024-14240 · Ibericode · Mc4Wp

Name of the Vulnerable Software and Affected Versions: MC4WP versions 4.9.9 and earlier Description: The issue is related to a Missing Authorization vulnerability in the ibericode MC4WP software. Recommendations: For versions 4.9.9 and earlier, update to a version that contains a fix for this...

CVE-2024-32821

Missing Authorization vulnerability in TotalSuite Total Poll Lite.This issue affects Total Poll Lite: from n/a through 4.9.9...

CVE-2024-32821

CVE-2024-32821 is described as a Missing Authorization vulnerability affecting WordPress Total Poll Lite (Total Poll Lite) versions up to 4.9.9. The connected sources refer to this as a Broken Access Control issue, but no concrete exploitation parameters, affected specific product/version details...