WordPress plugin Malcure Malware Scanner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

CVE-2024-32589

Missing Authorization vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through = 1.5.3...

Linux Distros Unpatched Vulnerability : CVE-2024-43431

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access...

CVE-2024-32589

Missing Authorization vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through = 1.5.3...

CVE-2024-32589 WordPress Barcode Scanner and Inventory manager plugin <= 1.5.3 - Broken Access Control to XSS vulnerability

Missing Authorization vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through = 1.5.3...

CVE-2024-32589 WordPress Barcode Scanner and Inventory manager plugin <= 1.5.3 - Broken Access Control to XSS vulnerability

Missing Authorization vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through 1.5.3...

WordPress plugin Barcode Scanner with Inventory & Order Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2025-35385

Name of the Vulnerable Software and Affected Versions: UkrSolution Barcode Scanner with Inventory & Order Manager versions through 1.5.3 Description: A missing authorization flaw exists in UkrSolution Barcode Scanner with Inventory & Order Manager. The issue allows unauthorized access due to...

Linux Distros Unpatched Vulnerability : CVE-2023-36308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - disintegration Imaging 1.6.2 allows attackers to cause a panic because of an integer index out of range during a Grayscale call via a crafted TIFF file to the...

Security Bulletin: Logrus is vulnerable to a denial of service, caused by a flaw in the bufio.Scanner log writer., which affects IBM watsonx.data

Summary Logrus is vulnerable to a denial of service, caused by a flaw in the bufio.Scanner log writer. By logging more than 64kb of data in a single entry without newlines, a local attacker could exploit this vulnerability to cause a denial of service. These can affect watsonx.data. Vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2021-27351

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently acti...

Linux Distros Unpatched Vulnerability : CVE-2023-41915

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code...

Linux Distros Unpatched Vulnerability : CVE-2018-11381

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The stringscanrange function in radare2 2.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a...

Linux Distros Unpatched Vulnerability : CVE-2023-34436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability exists in the LXT2 numtimetableentries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitra...

Linux Distros Unpatched Vulnerability : CVE-2017-16119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Fresh is a module used by the Express.js framework for HTTP response freshness testing. It is vulnerable to a regular expression denial of service when it is...

Linux Distros Unpatched Vulnerability : CVE-2020-11989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. CVE-2020-119...

Linux Distros Unpatched Vulnerability : CVE-2022-28070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A null pointer deference in coreanalfcn function in radare2 5.4.2 and 5.4.0. CVE-2022-28070 Note that Nessus relies on the presence of the package as reported b...

The Art of Hide and Seek: Making Pickle-Based Model Supply Chain Poisoning Stealthy Again

Pickle deserialization vulnerabilities have persisted throughout Python's history, remaining widely recognized yet unresolved. Due to its ability to transparently save and restore complex objects into byte streams, many AI/ML frameworks continue to adopt pickle as the model serialization protocol...

Linux Distros Unpatched Vulnerability : CVE-2020-28032

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress before 5.5.2 mishandles deserialization requests in wp- includes/Requests/Utility/FilteredIterator.php. CVE-2020-28032 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2022-2761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure issue in GitLab CE/EE affecting all versions from 14.4 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an...