169 matches found
EUVD-2024-54923
Malicious code in bioql PyPI...
EUVD-2024-34913
Malicious code in bioql PyPI...
Oracle Siebel Server <= 24.4 (July 2024 CPU)
The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM component: Installation jackson-databind. Supported versions that are...
Foxit PhantomPDF Multiple Vulnerabilities (Aug 2024) - Windows
Foxit PhantomPDF is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:foxitsoftware:phantompdf";...
Azure File Sync Agent v19.1 Release – August 2024 (KB5040924)
Update Rollup for Azure File Sync agent version 19.1.0.0. For more details, see the associated Microsoft Knowledge Base article...
Fedora: Security Advisory (FEDORA-2024-8eff1bffb1)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2024-f4eb809b49)
The remote host is missing an update for the...
SAMSUNG Mobile devices Security Vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from Samsung South Korea. A security vulnerability exists in SAMSUNG Mobile devices SMR Aug-2024 Release 1 version and earlier versions, which stems from a mishandling of exceptions contained in the...
CVE-2024-8335
creationtimestamp | type | source
---|---|---
2024-08-30 15:38:20+00:00 | seen | https://t.me/Kelvinseccommunity/768
2024-08-30 15:39:07+00:00 | seen | https://t.me/cvedetector/4517...
WordPress Tutor LMS Pro Plugin <= 2.7.2 is vulnerable to Broken Access Control
Software: Tutor LMS Pro; Type: Plugin; Vulnerable versions: <= 2.7.2; Fixed in: 2.7.3; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-5784; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 53b4f2fddbc0; Credits: Thanh Nam Tran; Required...
WordPress Booking Calendar Plugin <= 10.5 is vulnerable to Cross Site Scripting (XSS)
Software: Booking Calendar; Type: Plugin; Vulnerable versions: <= 10.5; Fixed in: 10.5.1; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-8274; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: f7f6184bfbdf; Credits: David Gallagher...
WordPress Media Library Folders Plugin <= 8.2.3 is vulnerable to Broken Access Control
Software: Media Library Folders; Type: Plugin; Vulnerable versions: <= 8.2.3; Fixed in: 8.2.4; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-7858; Patch priority: Medium; CVSS severity: Medium (6.3); PSID: e34ed26523d9; Credits: Lucio Sá; Required...
WordPress Custom Field Template Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)
Software: Custom Field Template; Type: Plugin; Vulnerable versions: <= 2.6.5; Fixed in: 2.6.6; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-44062; Patch priority: Low; CVSS severity: Low (6.5); PSID: 53885cdfe965; Credits: Robert DeVore; Required privilege...
Intel Connectivity Performance Suite Installer August 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Connectivity Performance Suite software installers, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the...
Cisco NX-OS Software Bash Arbitrary Code Execution and Privilege Escalation Vulnerabilities
Multiple vulnerabilities in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to execute arbitrary code with root privileges or elevate privileges to network-admin on an affected device. For more information about these vulnerabilities, see...
WordPress Relevanssi Live Ajax Search Plugin <= 2.4 is vulnerable to Broken Access Control
Software: Relevanssi Live Ajax Search; Type: Plugin; Vulnerable versions: <= 2.4; Fixed in: 2.5; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-7573; Patch priority: Low; CVSS severity: Low (5.3); PSID: 091b716b5837; Credits: scottaglia; Required...
WordPress Blog Introduction Plugin <= 0.3.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Blog Introduction; Type: Plugin; Vulnerable versions: <= 0.3.0; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-7862; Patch priority: Low; CVSS severity: Low (4.3); PSID: b5cd399b1013; Credits: Daniel Ruf; Required...
WordPress Gixaw Chat Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Gixaw Chat; Type: Plugin; Vulnerable versions: <= 1.0; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-7816; Patch priority: Low; CVSS severity: Low (7.1); PSID: aa72a581011b; Credits: Daniel Ruf; Required privilege...
WordPress Propovoice Pro Plugin <= 1.7.0.3 is vulnerable to SQL Injection
Software: Propovoice Pro; Type: Plugin; Vulnerable versions: <= 1.7.0.3; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: SQL Injection; CVE: CVE-2024-43941; Patch priority: High; CVSS severity: High (9.3); PSID: 6f9d32f040df; Credits: Dave Jong (Patchstack); Required privilege...