744 matches found
[SECURITY] [DLA 4272-1] aide security update
Debian LTS Advisory DLA-4272-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz August 14, 2025 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 5977-1] aide security update
Debian Security Advisory DSA-5977-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 14, 2025 https://www.debian.org/security/faq ...
Debian dla-4272 : aide - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4272 advisory. Debian LTS Advisory DLA-4272-1 [email protected]...
Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
Overview: Magick.NET-Q16-x86 is a Magick.NET package; Magick.NET allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
cpython: python: Extraction filter bypass for linking outside extraction directory
A flaw was found in CPython's tarfile module. This vulnerability allows bypassing of extraction filters, enabling symlink traversal outside the intended extraction directory and potential modification of file metadata via malicious tar archives using TarFile.extractall or TarFile.extract with the...
CVE-2025-22894
Unprotected Windows messaging channel 'Shatter' issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary files in the system may be altered. As a...
PT-2025-5804
Name of the Vulnerable Software and Affected Versions: Defense Platform Home Edition versions 3.9.51.x and earlier Description: The issue is related to an unprotected Windows messaging channel, also known as 'Shatter'. This allows an attacker to send a specially crafted message to a specific...
CVE-2024-53683
CVE-2024-53683 affects the Ossur Mobile Logic Application. Hard-coded/valid credentials in a .js file and a static token found in the decompiled IPA could enable an attacker to disrupt normal use by altering translation files, compromising integrity. Public sources indicate vulnerable versions ex...
[SECURITY] Fedora 39 Update: watchman-2021.05.10.00-24.fc39
Watchman exists to watch files and record when they actually change. It can also trigger actions such as rebuilding assets when matching files change...
CVE-2022-47558
Devices ekorCCP and ekorRCI are vulnerable due to access to the FTP service using default credentials. Exploitation of this vulnerability can allow an attacker to modify critical files that could allow the creation of new users, delete or modify existing users, modify configuration files, install...
CVE-2022-23453
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...
PT-2023-12720 · Hewlett Packard · Hp Support Assistant
Name of the Vulnerable Software and Affected Versions: HP Support Assistant affected versions not specified Description: The issue involves potential security vulnerabilities in HP Support Assistant, including privilege escalation, compromise of integrity, allowed communication with untrusted...
CVE-2022-2269
The Website File Changes Monitor WordPress plugin before 1.8.3 does not sanitise and escape user input before using it in a SQL statement via an action available to users with the manage_options capability (by default admins), leading to an SQL injection...
Sql injection
The Website File Changes Monitor WordPress plugin before 1.8.3 does not sanitise and escape user input before using it in a SQL statement via an action available to users with the manage_options capability (by default admins), leading to an SQL injection...
CVE-2022-2269
CVE-2022-2269 concerns the WordPress plugin “Website File Changes Monitor” (versions prior to 1.8.3). The issue is that the plugin does not sanitise or escape user input before using it in a SQL statement via an action accessible to users with the manage_options capability (typically admins). Thi...
CVE-2022-2269 Website File Changes Monitor < 1.8.3 - Admin+ SQLi
The Website File Changes Monitor WordPress plugin before 1.8.3 does not sanitise and escape user input before using it in a SQL statement via an action available to users with the manage_options capability (by default admins), leading to an SQL injection...
WordPress Plugin Website File Changes Monitor SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
Website File Changes Monitor < 1.8.3 - Admin+ SQLi
The plugin does not sanitise and escape user input before using it in a SQL statement via an action available to users with the manage_options capability (by default admins), leading to an SQL injection. A user with manage_options permission can exploit the vulnerability with the following request:...
WordPress Website File Changes Monitor plugin <= 1.8.2 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection (SQLi) vulnerability discovered by Nicolas VIDAL (TEHTRIS) in WordPress Website File Changes Monitor plugin (versions <= 1.8.2). Solution: Update the WordPress Website File Changes Monitor plugin to the latest available version (at least 1.8.3)...