CVE-2024-5615
The Open Graph plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.2 via the 'opengraph_default_description' function. This makes it possible for unauthenticated attackers to extract sensitive data including partial content of...
CVE-2024-5615 Open Graph <= 1.11.2 - Unauthenticated Sensitive Information Exposure
The Open Graph plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.2 via the 'opengraph_default_description' function. This makes it possible for unauthenticated attackers to extract sensitive data including partial content of...
CVE-2024-5615
The CVE-2024-5615 entry concerns the WordPress Open Graph plugin vulnerability allowing Sensitive Information Exposure via opengraph_default_description in versions up to 1.11.2. Connected Red Hat entry repeats this description; no additional technical details (e.g., patch version or concrete exp...
WordPress plugin Open Graph security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
WordPress Open Graph Plugin <= 1.11.2 is vulnerable to Sensitive Data Exposure
Software: Open Graph; Type: Plugin; Vulnerable versions: <= 1.11.2; Fixed in: 1.11.3; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Sensitive Data Exposure; CVE: CVE-2024-5615; Patch priority: Low; CVSS severity: Low (5.3); Developer: Claim ownership; PSID: 6f80c0f253be; Credits: Krzysztof Zając; Required...
[SECURITY] Fedora 40 Update: qt5-qtdatavis3d-5.15.14-1.fc40
Qt Data Visualization module provides multiple graph types to visualize data in 3D space both with C++ and Qt Quick 2...
Open Graph < 1.11.3 - Unauthenticated Sensitive Information Exposure
Description: The Open Graph plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.2 via the 'opengraph_default_description' function. This makes it possible for unauthenticated attackers to extract sensitive data including partial content of...
CVE-2023-43543 Use After Free in Audio
Memory corruption in Audio during a playback or a recording due to race condition between allocation and deallocation of graph object...
[SECURITY] Fedora 40 Update: qt6-qtdatavis3d-6.7.1-1.fc40
Qt Data Visualization module provides multiple graph types to visualize data in 3D space both with C++ and Qt Quick 2...
[SECURITY] Fedora 40 Update: rust-cargo-deny-0.14.21-2.fc40
Cargo plugin to help you manage large dependency graphs...
CVE-2024-35232
github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP request. This issue has been patched in version 2.7.2...
CVE-2024-35232
The CVE-2024-35232 issue affects github.com/huandu/facebook, a Go package for Facebook Graph API usage. The root cause is that an access_token can be exposed in error messages during HTTP request failures, enabling potential information disclosure if logs or clients capture those messages. The vu...
Facebook Graph API SDK security vulnerability
Facebook Graph API SDK is a Go package from the individual developer Huan Du in China. A security vulnerability exists in Facebook Graph API SDK versions prior to 2.7.2, which stems from the fact that access_token may be disclosed in an error message when an HTTP request fails...
ALSA-2024:3265 Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 grafana: vulnerable to authorization bypass CVE-2024-1313 For more details...
CVE-2023-49333
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature...
PT-2024-13726 · Zoho · Zoho Manageengine Adaudit Plus
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADAudit Plus versions below 7271 Description: The issue allows SQL injection in the dashboard graph feature. This could potentially lead to remote attacks and data compromise. Recommendations: For Zoho ManageEngine ADAudit...
SUSE CVE-2024-31458
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in formsave function in graphtemplateinputs.php is not thoroughly checked and is used to concatenate the SQL statement in drawnontemplatedfieldsgraphitem function from...