CVE-2025-60139 WordPress Sendle Shipping plugin <= 6.02 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Joovii Sendle Shipping official-sendle-shipping-method allows Cross Site Request Forgery.This issue affects Sendle Shipping: from n/a through = 6.02...

WordPress plugin Sendle Shipping 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

NewStart CGSL MAIN 6.02 : libjpeg-turbo Vulnerability (NS-SA-2024-0051)

The remote NewStart CGSL host, running version MAIN 6.02, has libjpeg-turbo packages installed that are affected by a vulnerability: - A stack-based buffer overflow flaw was found in libjpeg-turbo library in the tranform component. An attacker may use this flaw to input a malicious image file to ...

NewStart CGSL MAIN 6.02 : perl-HTTP-Tiny Multiple Vulnerabilities (NS-SA-2024-0058)

The remote NewStart CGSL host, running version MAIN 6.02, has perl-HTTP-Tiny packages installed that are affected by multiple vulnerabilities: - It was found that perl can load modules from the current directory if not found in the module directories, via the @INC path. A local, authenticated...

NewStart CGSL MAIN 6.02 : qemu Vulnerability (NS-SA-2024-0057)

The remote NewStart CGSL host, running version MAIN 6.02, has qemu packages installed that are affected by a vulnerability: - A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtiocryptohandlesymreq. There is no check for the value of srcle...

NewStart CGSL MAIN 6.02 : cups Vulnerability (NS-SA-2024-0060)

The remote NewStart CGSL host, running version MAIN 6.02, has cups packages installed that are affected by a vulnerability: - An input validation issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-0...

NewStart CGSL MAIN 6.02 : libsolv Vulnerability (NS-SA-2024-0067)

The remote NewStart CGSL host, running version MAIN 6.02, has libsolv packages installed that are affected by a vulnerability: - A flaw was found in libsolv. A buffer overflow vulnerability could cause a denial of service. The highest threat from this vulnerability is to system availability...

NewStart CGSL MAIN 6.02 : python-requests Vulnerability (NS-SA-2024-0058)

The remote NewStart CGSL host, running version MAIN 6.02, has python-requests packages installed that are affected by a vulnerability: - A flaw was found in the way python-requests set the domain cookie parameter for certain HTTP responses. A remote attacker could use this flaw to modify a cookie...

NewStart CGSL MAIN 6.02 : compat-libtiff3 Vulnerability (NS-SA-2024-0055)

The remote NewStart CGSL host, running version MAIN 6.02, has compat-libtiff3 packages installed that are affected by a vulnerability: - A heap use-after-free vulnerability was found in LibTIFF's tiffcrop utility in the loadImage function. This flaw allows an attacker to pass a crafted TIFF image...

NewStart CGSL MAIN 6.02 : openssh Vulnerability (NS-SA-2024-0061)

The remote NewStart CGSL host, running version MAIN 6.02, has openssh packages installed that are affected by a vulnerability: - A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if ...

NewStart CGSL MAIN 6.02 : dnf-plugins-core Vulnerability (NS-SA-2024-0064)

The remote NewStart CGSL host, running version MAIN 6.02, has dnf-plugins-core packages installed that are affected by a vulnerability: - A flaw was found in libdnf's signature verification functionality. This flaw allows an attacker to achieve code execution if they can alter the header...

NewStart CGSL MAIN 6.02 : ncurses Multiple Vulnerabilities (NS-SA-2024-0057)

The remote NewStart CGSL host, running version MAIN 6.02, has ncurses packages installed that are affected by multiple vulnerabilities: - There is a heap-based buffer over-read in the ncfindentry function in tinfo/comphash.c in the terminfo library in ncurses before 6.1-20191012. CVE-2019-17594 -...

NewStart CGSL MAIN 6.02 : grub2 Multiple Vulnerabilities (NS-SA-2024-0068)

The remote NewStart CGSL host, running version MAIN 6.02, has grub2 packages installed that are affected by multiple vulnerabilities: - A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read i...

NewStart CGSL MAIN 6.02 : dbus Vulnerability (NS-SA-2024-0062)

The remote NewStart CGSL host, running version MAIN 6.02, has dbus packages installed that are affected by a vulnerability: - An assertion failure vulnerability was found in D-Bus. This issue occurs when a privileged monitoring connection dbus-monitor, busctl monitor, gdbus monitor, or similar is...

NewStart CGSL MAIN 6.02 : vim Multiple Vulnerabilities (NS-SA-2024-0065)

The remote NewStart CGSL host, running version MAIN 6.02, has vim packages installed that are affected by multiple vulnerabilities: - A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The...

NewStart CGSL MAIN 6.02 : c-ares Multiple Vulnerabilities (NS-SA-2024-0066)

The remote NewStart CGSL host, running version MAIN 6.02, has c-ares packages installed that are affected by multiple vulnerabilities: - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnam...

NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2024-0053)

The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by multiple vulnerabilities: - A use-after-free issue was found in the AudioSourceProviderGStreamer class of WebKitGTK and WPE WebKit in versions prior to 2.30.5. Processing maliciously...

NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2024-0066)

The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames. CVE-2022-25315 - It was possible to construct specific XSLT markup that woul...

NewStart CGSL MAIN 6.02 : brotli Vulnerability (NS-SA-2024-0059)

The remote NewStart CGSL host, running version MAIN 6.02, has brotli packages installed that are affected by a vulnerability: - A buffer overflow flaw was found in the Brotli library where an attacker could control the input length of a one-shot decompression request to a script that can trigger ...

NewStart CGSL MAIN 6.02 : sqlite Multiple Vulnerabilities (NS-SA-2024-0063)

The remote NewStart CGSL host, running version MAIN 6.02, has sqlite packages installed that are affected by multiple vulnerabilities: - Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML...