CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

IBM Security Bulletins•added 2024/06/28 3:21 p.m.•27 views

Security Bulletin: Vulnerability in Gunicorn affects IBM Process Mining CVE-2024-1135

Summary There is a vulnerability in Gunicorn that could allow an attacker to conduct XSS attacks on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2024-1135 DESCRIPTION: Gunicor...

7.5CVSS7.5AI score0.02996EPSS

Exploits0Affected Software1

OSSF Malicious Packages•added 2024/06/25 1:47 p.m.•3 views

Malicious code in acts-as_multilingual (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Schneier on Security•added 2024/06/13 11:2 a.m.•19 views

AI and the Indian Election

As India concluded the worlds largest election on June 5, 2024, with over 640 million votes counted, observers could assess how the various parties and factions used artificial intelligence technologies--and what lessons that holds for the rest of the world. The campaigns made extensive use of AI...

7.2AI score

OSV•added 2024/06/09 11:15 a.m.•2 views

CVE-2024-30466

Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.4...

8.8CVSS7.3AI score0.00351EPSS

NVD•added 2024/06/09 11:15 a.m.•17 views

CVE-2024-30466

Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.4...

8.8CVSS0.00351EPSS

Cvelist•added 2024/06/09 10:43 a.m.•22 views

CVE-2024-30466 WordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.4...

5.4CVSS0.00351EPSS

Vulnrichment•added 2024/06/09 10:43 a.m.•12 views

CVE-2024-30466 WordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.4...

5.4CVSS6.9AI score0.00351EPSS

CVE•added 2024/06/09 10:43 a.m.•58 views

CVE-2024-30466

CVE-2024-30466 is a Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency (WooCommerce Multilingual & Multicurrency) affecting versions up to 5.3.4. Root cause: missing authorization checks enabling unauthorized access. Impact: high confidentiality, integr...

8.8CVSS5.9AI score0.00351EPSS

Positive Technologies•added 2024/06/09 12:0 a.m.•2 views

PT-2024-23395 · Onthegosystems · Woocommerce Multilingual & Multicurrency

Name of the Vulnerable Software and Affected Versions: WooCommerce Multilingual & Multicurrency versions through 5.3.4 Description: A Missing Authorization vulnerability has been identified in OnTheGoSystems WooCommerce Multilingual & Multicurrency. This issue may allow unauthorized access. The...

8.8CVSS9.3AI score0.00351EPSS

Exploits0References8

CNNVD•added 2024/06/09 12:0 a.m.•2 views

WordPress plugin WooCommerce Multilingual & Multicurrency security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.7AI score0.00351EPSS

Exploits0References2

Fedora•added 2024/05/31 2:14 a.m.•24 views

[SECURITY] Fedora 39 Update: roundcubemail-1.6.7-1.fc39

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

7.3AI score

Fedora•added 2024/05/31 1:17 a.m.•27 views

[SECURITY] Fedora 40 Update: roundcubemail-1.6.7-1.fc40

7.3AI score

WPVulnDB•added 2024/05/31 12:0 a.m.•12 views

WooCommerce Multilingual & Multicurrency with WPML < 5.3.4 - Shop Manager+ SQL Injection

Description The WooCommerce Multilingual & Multicurrency with WPML plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 5.3.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...

7.6CVSS7.4AI score0.00541EPSS

WPVulnDB•added 2024/05/31 12:0 a.m.•14 views

WooCommerce Multilingual & Multicurrency with WPML < 5.3.4 - Shop Manager+ SQL Injection

7.6CVSS7.4AI score0.00541EPSS

WPVulnDB•added 2024/05/31 12:0 a.m.•13 views

WooCommerce Multilingual & Multicurrency with WPML < 5.3.4 - Shop Manager+ SQL Injection

7.6CVSS7.4AI score0.00541EPSS

Fedora•added 2024/04/23 4:42 p.m.•22 views

[SECURITY] Fedora 40 Update: filezilla-3.67.0-1.fc40

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFTP - Cross-platform - Available in many languages - Supports resume and transfer of large files greater than 4GB - Easy to use Site Manager and transfe...

5.9CVSS5.7AI score0.05773EPSS

OSV•added 2024/04/18 11:15 a.m.•3 views

CVE-2024-32602

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.3.1...

7.2CVSS5.8AI score0.00541EPSS

NVD•added 2024/04/18 11:15 a.m.•13 views

CVE-2024-32602

7.6CVSS7.9AI score0.00541EPSS