5 matches found
WordPress Qi Blocks plugin <= 1.4.3 - Missing Authorization to Arbitrary Attachment Resize vulnerability
Missing Authorization to Arbitrary Attachment Resize vulnerability discovered by Adrian Lukita in WordPress Plugin Qi Blocks versions <= 1.4.3...
Linux Distros Unpatched Vulnerability : CVE-2021-21334
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In containerd, an industry-standard container runtime, before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation through...
UBUNTU-CVE-2022-23520
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to...
PT-2022-26996 · Typora · Typora
Name of the Vulnerable Software and Affected Versions: Typora versions prior to 1.4.4 Description: The issue is related to the improper neutralization of JavaScript code. When a file is opened with the affected product, it may result in the execution of JavaScript code contained in the file...
PT-2019-19855 · Hashicorp +1 · Hashicorp Consul +1
Name of the Vulnerable Software and Affected Versions: HashiCorp Consul version 1.4.3 Description: The issue arises from a lack of server hostname verification for agent-to-agent TLS communication in HashiCorp Consul. This occurs even when the verify server hostname setting is set to true, causin...