Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in WP Open Graph 1.6.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2019-5960
CVE-2019-5960 concerns the WordPress plugin WP Open Graph. The set of connected sources confirms a CSRF vulnerability in WP Open Graph version 1.6.1 and earlier that can allow an attacker to perform unauthorized actions on behalf of an administrator when a logged-in user views a malicious page. T...
CVE-2019-5960
Cross-site request forgery (CSRF) vulnerability in WP Open Graph 1.6.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
Spidermonkey - IonMonkey Leaks JS_OPTIMIZED_OUT Magic Value to Script
IonMonkey can, during a bailout, leak an internal JS_OPTIMIZED_OUT magic value to the running script. This magic value can then be used to achieve memory corruption. Prerequisites: Magic Values. Spidermonkey represents JavaScript values with the C++ type JS::Value [1], which is a NaN-boxed value that c...
WordPress plugin "WP Open Graph" vulnerable to cross-site request forgery
Overview: WordPress plugin "WP Open Graph" provided by Custom4Web contains a cross-site request forgery vulnerability (CWE-352). Koichi Kuriyama of Cryptography Laboratory, Department of Information and Communication Engineering, Tokyo Denki University directly reported this vulnerability to the...
WordPress WPGraphQL Access Control Error Vulnerability (CNVD-2019-27674)
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WPGraphQL is a plugin that provides an extensible GraphQL architecture and API for WordPress sites. An access control error vulnerabili...
JVN#33652328: WordPress plugin "WP Open Graph" vulnerable to cross-site request forgery
WordPress plugin "WP Open Graph" provided by Custom4Web contains a cross-site request forgery vulnerability (CWE-352). Impact: If a user views a malicious page while logged in, unintended operations may be performed. Solution: Update the plugin. Update the plugin according to the information provided ...
WordPress WP Open Graph plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WP Open Graph plugin is one of the plugins used to add Facebook metadata to web pages. A cross-site request forgery vulnerability exist...
[SECURITY] Fedora 29 Update: graphviz-2.40.1-39.fc29
A collection of tools for the manipulation and layout of graphs (as in nodes and edges, not as in barcharts)...
WordPress Virim Deserialization Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. The Virim plugin is a website social activity analysis plugin. Virim plugin 0.4 for WordPress allows unsafe deserializatio...
ExtAnalysis - Browser Extension Analysis Framework
With ExtAnalysis you can: download & analyze extensions from Chrome Web Store and Firefox Addons; analyze installed extensions of Google Chrome, Mozilla Firefox and Opera Browser (coming soon); upload and scan extensions. Supported formats: .crx, .xpi, .zip. Features of ExtAnalysis: View Basic Information:...
Developing connected security solutions
Many organizations deploy dozens of security products and services from Microsoft and others to combat increasing cyberthreats. As a result, the ability to quickly extract value from these solutions has become more challenging. This creates opportunity for developers to build solutions that augme...
CVE-2019-10307
A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers to change the per-job default graph configuration for all users...
CVE-2019-10308
A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users...
Cross site request forgery (csrf)
A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers to change the per-job default graph configuration for all users...
PT-2019-11710 · Jenkins · Jenkins Static Analysis Utilities Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Static Analysis Utilities Plugin versions 1.95 and earlier. Description: A missing permission check in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job...
PT-2019-11709 · Jenkins · Jenkins Static Analysis Utilities Plugin +2
Name of the Vulnerable Software and Affected Versions: Jenkins Static Analysis Utilities Plugin version 1.95 and earlier; Jenkins analysis-core Plugin (affected versions not specified). Description: A cross-site request forgery issue exists due to the lack of permission checks and the acceptance of...
GHSA-FRXX-2M33-6WCR Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow
Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). Users passing a malformed or malicious version of a TFLite graph into TOCO will cause TOCO to crash or cause a buffer overflow, potentially allowing malicious code to be executed...
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow
Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). Users passing a malformed or malicious version of a TFLite graph into TOCO will cause TOCO to crash or cause a buffer overflow, potentially allowing malicious code to be executed...