60 matches found
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the updateAssistant and createAssistant handlers in the assistant service. An attacker can reassign an assistant to a...
EUVD-2021-13841
Malware in sbrugna...
EUVD-2019-9935
Malware in sbrugna...
EUVD-2021-23521
Malware in sbrugna...
EUVD-2021-30155
Malicious code in bioql PyPI...
EUVD-2021-29272
Malicious code in bioql PyPI...
CVE-2019-1378
An elevation of privilege vulnerability exists in Windows 10 Update Assistant in the way it handles permissions.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows 10 Update Assistant Elevation of Privilege Vulnerability'...
CVE-2024-11143
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.8. This is due to missing or incorrect nonce validation on the updateassistant, addnewassistant, and deleteassistant functions. This makes it possible for...
CVE-2024-10531 Kognetiks Chatbot for WordPress <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Assistant Update
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateassistant function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level acce...
CVE-2024-10531
The CVE CVE-2024-10531 affects the Kognetiks Chatbot for WordPress plugin for WordPress, versions up to and including 2.1.7. The root cause is a missing capability check in update_assistant(), enabling authenticated users with subscriber-level access and above to modify GTP assistants without aut...
CVE-2024-10531 Kognetiks Chatbot for WordPress <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Assistant Update
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateassistant function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level acce...
WordPress plugin Kognetiks Chatbot 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Kognetiks Chatbot 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
PT-2024-16348 · WordPress · Kognetiks Chatbot
Name of the Vulnerable Software and Affected Versions: Kognetiks Chatbot for WordPress plugin for WordPress versions up to, and including, 2.1.7 Description: The issue is related to unauthorized modification of data due to a missing capability check on the update assistant function. This allows...
Microsoft Windows Update Assistant Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additional user interaction is required in that an...
CVE-2021-43211
Windows 10 Update Assistant Elevation of Privilege Vulnerability...
CVE-2021-42297
Windows 10 Update Assistant Elevation of Privilege Vulnerability...
Privilege escalation
Windows 10 Update Assistant Elevation of Privilege Vulnerability...
Privilege escalation
Windows 10 Update Assistant Elevation of Privilege Vulnerability...
CVE-2021-43211 Windows 10 Update Assistant Elevation of Privilege Vulnerability
...