36 matches found
EUVD-2001-1183
Malware in sbrugna...
EUVD-2024-34755
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-41916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI...
Linux Distros Unpatched Vulnerability : CVE-2022-4065
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function...
CVE-2024-1427
The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the section title tag attribute in all versions up to, and including, 7.7.1 due to insufficient input sanitization and output escaping on user...
CVE-2024-38711 WordPress Link Library plugin <= 7.7.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Yannick Lefebvre Link Library allows Reflected XSS. This issue affects Link Library: from n/a through 7.7.1...
WordPress plugin The Post Grid cross-site scripting vulnerability
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
WordPress The Post Grid Plugin <= 7.7.1 is vulnerable to Cross Site Scripting (XSS)
Software: The Post Grid; Type: Plugin; Vulnerable versions: = 7.7.1; Fixed in: 7.7.2; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting XSS; CVE: CVE-2024-35739; Patch priority: Low; CVSS severity: Low 6.5; Developer: Mamunur Rashid; PSID: 3801d97a66a9; Credits: SouzaZinn; Required privilege: Contributor...
CVE-2024-34383 WordPress SEOPress plugin <= 7.7.1 - Sensitive Data Exposure vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress SEOPress. This issue affects SEOPress: from n/a through 7.7.1...
PT-2024-25843 · Seo Guys · Seopress
Name of the Vulnerable Software and Affected Versions: SEOPress versions 7.7.1 and earlier Description: The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability. This vulnerability affects The SEO Guys at SEOPress SEOPress. Recommendations: For SEOPress versions...
CVE-2023-41798
A vulnerability in wpWax Directorist directorist. This issue affects Directorist: from n/a through = 7.7.1...
WordPress Directorist Plugin <= 7.7.1 is vulnerable to CSV Injection
Software: Directorist; Type: Plugin; Vulnerable versions: = 7.7.1; Fixed in: 7.7.2; OWASP Top 10: A1: Injection; Classification: CSV Injection; CVE: CVE-2023-41798; Patch priority: Low; CVSS severity: Low 5.1; Developer: Claim ownership; PSID: 305b807eea54; Credits: Rafshanzani Suhada; Required privilege: Editor; Publishe...
WordPress Directorist Plugin <= 7.7.1 is vulnerable to Broken Access Control
Software: Directorist; Type: Plugin; Vulnerable versions: = 7.7.1; Fixed in: 7.7.2; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2022-47150; Patch priority: Low; CVSS severity: Low 4.3; Developer: Claim ownership; PSID: c511217f52dd; Credits: István Márton; Required privilege...
CVE-2022-45142 affecting package heimdal 7.7.1-1
CVE-2022-45142 affecting package heimdal 7.7.1-1. A patched version of the package is available...
Intel® HAXM Advisory
Summary: A potential security vulnerability in the Intel® Hardware Accelerated Execution Manager HAXM software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-21812 Description: Improper access...
CVE-2022-45142
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and possibly other branches a logic inversion sneaked...
Design/Logic Flaw
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and possibly other branches a logic inversion sneaked...