CVE-2024-32576
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Booking Algorithms BA Book Everything allows Stored XSS. This issue affects BA Book Everything: from n/a through 1.6.8...
CVE-2024-32576
The CVE-2024-32576 entry concerns the WordPress plugin BA Book Everything (WordPress Plugin) with versions ≤ 1.6.8. The vulnerability is a Cross-Site Scripting (XSS) flaw caused by improper neutralization during web page generation, resulting in stored XSS. Affected component: the WordPress plugi...
CVE-2024-32576 WordPress BA Book Everything plugin <= 1.6.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Booking Algorithms BA Book Everything allows Stored XSS. This issue affects BA Book Everything: from n/a through 1.6.8...
CVE-2024-32598
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Booking Algorithms BA Book Everything allows Stored XSS. This issue affects BA Book Everything: from n/a through 1.6.8...
CVE-2024-32598
CVE-2024-32598 affects BA Book Everything (WordPress plugin) with Stored XSS via shortcode in versions up to 1.6.8. Root cause: Improper input neutralization during web page generation. Impact per sources: potential stored XSS within affected pages; remediation: upgrade to v1.6.8 (patched). Not a...
Moderate: Red Hat Security Advisory: gnutls security update
An update for gnutls is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
ALSA-2024:1879 Moderate: gnutls security update
The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: vulnerable to Minerva side-channel information leak (CVE-2024-28834); gnutls: potential crash during chain...
New Lattice Cryptanalytic Technique
A new paper presents a polynomial-time quantum algorithm for solving certain hard lattice problems. This could be a big deal for post-quantum cryptographic algorithms, since many of them base their security on hard lattice problems. A few things to note. One, this paper has not yet been peer...
CVE-2024-32125
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Booking Algorithms BA Book Everything. This issue affects BA Book Everything: from n/a through 1.6.4...
CVE-2024-32125
CVE-2024-32125 (BA Book Everything) is an authenticated SQL Injection vulnerability in the BA Book Everything plugin (
CVE-2024-32125 WordPress BA Book Everything plugin <= 1.6.4 - Auth. SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Booking Algorithms BA Book Everything. This issue affects BA Book Everything: from n/a through 1.6.4...
PT-2024-3295
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is related to an elevation-of-privilege vulnerability in the Windows authentication mechanism, which involves the use of defective cryptographic algorithms. This vulnerability can b...
Internet Bug Bounty: CVE-2019-1551: rsaz_512_sqr overflow bug on x86_64
The CVE-2019-1551 vulnerability was an overflow bug in the x86_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli in the OpenSSL library. The vulnerability was found and reported by researchers. The issue was mitigated in the 1.1.1 and 1.0.2 versions of OpenSSL...
The vulnerability of the PowerScale OneFS operating system, related to the use of cryptographic algorithms containing defects, allows a perpetrator to disclose protected information.
The vulnerability of the PowerScale OneFS operating system is related to the use of cryptographic algorithms that contain defects. Exploiting this vulnerability allows a malicious actor to disclose the protected information...
Nextcloud: Weak ssh algorithms and CVE-2023-48795 Discovered on various subdomains of nextcloud.com
Security researchers discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol, known as Terrapin (CVE-2023-48795). This vulnerability could have allowed an attacker to downgrade the security of the secure channel. Weak SSH algorithms were also identified on various subdomai...
Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility
Summary: There are multiple vulnerabilities in IBM® Semeru Runtime Certified Edition 11 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2024-20918. DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow...
Security Bulletin: There are multiple vulnerabilities in IBM Semeru Runtime that is shipped with IBM App Connect Enterprise
Summary: There are multiple vulnerabilities in IBM Semeru Runtime used by IBM App Connect Enterprise. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2024-20932. DESCRIPTION: An unspecified vulnerability in Java SE related to the Security...
Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Verify Directory Container (CVE-2022-32753, CVE-2022-32756, CVE-2022-32751, CVE-2022-32754)
Summary: Multiple Vulnerabilities found by the IBM Ethical Hacking team have been fixed in IBM Verify Directory Container. Vulnerability Details: CVEID: CVE-2022-32753. DESCRIPTION: IBM Security Directory Server uses weaker than expected cryptographic algorithms that could allow an attacker to decryp...
CVE-2022-32753 IBM Security Verify Directory information disclosure
IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228444...