1041 matches found
GHSA-R3JC-3QMM-W3PW
creationtimestamp | type | source
---|---|---
2024-02-07 18:36:49+00:00 | seen | https://t.me/ctinow/180888...

The vulnerability of the ImageBuild() function in the software for creating containerized systems called Moby allows an attacker to execute a cache poisoning attack.
The vulnerability of the ImageBuild function in the Moby containerized system creation software is related to a lack of mechanisms for verifying the data source during the processing of endpoints. Exploiting this vulnerability could allow an attacker to execute a cache poisoning attack...
The vulnerability of the LDAP protocol implementation in Mastodon’s web application for deploying distributed social networks allows a hacker to bypass the authentication process.
The vulnerability of the LDAP protocol implementation in Mastodon’s web application for deploying distributed social networks is related to the lack of a mechanism for verifying the source of data. Exploiting this vulnerability allows a malicious actor to bypass the authentication process...
WordPress 5.7.x < 5.7.11 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities:

- A PHP file upload bypass via Plugin Installer requiring admin privileges.
- An RCE POP Chains vulnerability.

Note that the scanner has not tested for these issues but has...
WordPress 4.5.x < 4.5.31 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities:

- A PHP file upload bypass via Plugin Installer requiring admin privileges.
- An RCE POP Chains vulnerability.

Note that the scanner has not tested for these issues but has...
Grafana Arbitrary File Read
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations...
GHSA-4PWP-CX67-5CPX Grafana Arbitrary File Read
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations...
CVE-2024-0589
Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry...
CVE-2024-0589
Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry...
CVE-2024-0589
Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry...
Devolutions Remote Desktop Manager Cross-Site Scripting Vulnerability
Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2023.3.36 and prior versions, which stems from the presence of a cross-site scripting XS...
CVE-2019-8194
creationtimestamp | type | source
---|---|---
2024-01-16 16:07:30+00:00 | seen | https://t.me/ctinow/168857
2025-08-31 03:01:32+00:00 | seen | MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d...
CVE-2023-46154
creationtimestamp | type | source
---|---|---
2024-01-12 13:46:33+00:00 | seen | https://t.me/ctinow/167240...
CVE-2019-17629
creationtimestamp | type | source
---|---|---
2024-01-09 09:06:59+00:00 | seen | https://t.me/ctinow/164863...
CVE-2023-49088
Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...
Cross site scripting
Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...
CVE-2023-49088
Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...
PT-2023-8820 · Apache · Apache Linkis
Name of the Vulnerable Software and Affected Versions: Apache Linkis versions =1.4.0

Description: The issue is related to insufficient protection of registration data in Apache Linkis, which may allow a remote attacker to gain unauthorized access to protected information. Specifically, when using...
CVE-2023-3517
Hitachi Vantara Pentaho Data Integration & Analytics versions before 9.5.0.1 and 9.3.0.5, including 8.3.x, do not restrict JNDI identifiers during the creation of XActions, allowing control of system level data sources...