129 matches found
MAL-2025-8104 Malicious code in @juigorg/perspiciatis-dolorem-magnam (npm)
The package @juigorg/perspiciatis-dolorem-magnam was found to contain malicious code...
CVE-2025-8104
creationtimestamp| type| source ---|---|--- 2025-07-27 04:39:16+00:00| seen| Telegram/GB2u28mY-UqK0IcTaimWXb8I8y4umkukYZMvAVTgphLpXw...
CVE-2025-8104 Memory Usage <= 3.98 - Cross-Site Request Forgery to Limited Plugin Installation via wpmemory_install_plugin Function
The Memory Usage plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.98. This is due to missing nonce validation in the wpmemoryinstallplugin function. This makes it possible for unauthenticated attackers to silently install one of the several...
CVE-2025-8104
CVE-2025-8104 concerns the WordPress plugin Memory Usage (also listed as Memory Usage, Memory Limit, PHP and Server Memory Health Check and Provide Suggestions). The vulnerability is a Cross-Site Request Forgery due to missing nonce validation in the wpmemory_install_plugin() function, allowing u...
CVE-2025-8104 Memory Usage <= 3.98 - Cross-Site Request Forgery to Limited Plugin Installation via wpmemory_install_plugin Function
The Memory Usage plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.98. This is due to missing nonce validation in the wpmemoryinstallplugin function. This makes it possible for unauthenticated attackers to silently install one of the several...
CVE-2019-8104
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information...
Linux Distros Unpatched Vulnerability : CVE-2018-8104
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service heap-based buffer over-read and application crash via a...
Linux Distros Unpatched Vulnerability : CVE-2015-8104
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by...
RHEL 8 : edk2 (RHSA-2024:8104)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8104 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware f...
CVE-2024-8104
creationtimestamp| type| source ---|---|--- 2024-09-04 10:13:18+00:00| seen| https://t.me/cvedetector/4775...
CVE-2024-8104
The CVE CVE-2024-8104 affects The Ultimate WordPress Toolkit – WP Extended plugin for WordPress (
WordPress The Ultimate WordPress Toolkit – WP Extended Plugin <= 3.0.8 is vulnerable to Arbitrary File Download
Software The Ultimate WordPress Toolkit – WP Extended Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Download CVE CVE-2024-8104 Patch priority High CVSS severity High 7.7 Developer WP Extended PSID 9fb5e1b755dd Credits...
Malicious code in wlwz-2312-8104 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7b87ef7a01ff837b416ea633e7a93e87043bede2173f2cffde6dede41fca9d0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-903 Malicious code in wlwz-2312-8104 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7b87ef7a01ff837b416ea633e7a93e87043bede2173f2cffde6dede41fca9d0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Design/Logic Flaw
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...
Xen: x86/AMD: Debug Mask handling (XSA-444)
AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service. - CVE-2023-34327 - An HVM vCPU can end up operating in the context of a previo...
K31026324: Linux kernel vulnerabilities CVE-2015-2925, CVE-2015-5307, and CVE-2015-8104
Security Advisory Description CVE-2015-2925 The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a...
Slackware: Security Advisory (SSA:2014-344-04)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2016-0233)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2016-0225)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...