CVE-2024-22181

An out-of-bounds write vulnerability exists in the readNODE functionality of libigl v2.5.0. A specially crafted .node file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...

Authentication Bypass

silverstripe/framework is vulnerable Authentication Bypass. This vulnerability is due to a lack of permission check to the DatabaseAdmin of function init on the buildDefaults method of the DevelopmentAdmin class, allows unauthorized users to access sensitive functionality...

ERROR: User doesn't have permission for given Destination path is recorded unexpectedly.

The following error message is recorded unexpectedly in the ns.log file of the admin partition for the pendo functionality: "ERROR: User doesn't have permission for given Destination path"...

Fedora: Security Advisory (FEDORA-2024-fd2569c4e9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : xorg-x11-server (RHSA-2024:2995)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2995 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical use...

SUSE-SU-2024:1762-1 Security update for perl

This update for perl fixes the following issues: Security issues fixed: - CVE-2018-6913: Fixed space calculation issues in pppack.c bsc1082216 - CVE-2018-6798: Fixed heap buffer overflow in regexec.c bsc1082233 Non-security issue fixed: - make Net::FTP work with TLS 1.3 bsc1213638...

CVE-2024-5195

A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file /diags.php. The manipulation of the argument customerinfo leads to command injection. The attack may be launched remotely. The exploit has been disclos...

CVE-2024-32774

Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid allows Removing Important Client Functionality.This issue affects ProfileGrid : from n/a through 5.8.2...

CVE-2024-32786

Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through 1.3.93...

CVE-2024-32708

Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through 3.0.1...

CVE-2024-32720

Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment Hour Booking allows Removing Important Client Functionality.This issue affects Appointment Hour Booking: from n/a through 1.4.56...

CVE-2024-32827 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.7 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass.This issue affects Giveaways and Contests: from n/a through 1.12.7...

CVE-2024-32827 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.7 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass.This issue affects Giveaways and Contests: from n/a through 1.12.7...

CVE-2024-32827

CVE-2024-32827 describes an Authentication Bypass by Spoofing in the WordPress plugin Giveaways and Contests by RafflePress (affected: Giveaways and Contests

CVE-2024-32786 WordPress Royal Elementor Addons and Templates plugin <= 1.3.93 - IP Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through 1.3.93...

CVE-2024-32774 WordPress ProfileGrid plugin <= 5.8.2 - Group Members Limit Bypass vulnerability

Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid allows Removing Important Client Functionality.This issue affects ProfileGrid : from n/a through 5.8.2...

CVE-2024-32708 WordPress Maintenance Mode plugin <= 3.0.1 - IP Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through 3.0.1...

CVE-2024-34434

Incorrect Authorization vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter MDTF allows Code Inclusion, Functionality Misuse.This issue affects WordPress Meta Data and Taxonomies Filter MDTF: from n/a through 1.3.3.2...

CVE-2024-33917

Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass.This issue affects WTI Like Post: from n/a through 1.4.6...

CVE-2024-32131

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in W3 Eden Inc. Download Manager allows Functionality Bypass.This issue affects Download Manager: from n/a through 3.2.82...