345 matches found

CNVD
added 2024/09/18 12:00 a.m., 3 views

SAP NetWeaver AS Cross-Site Scripting Vulnerability (CNVD-2024-49630)

SAP NetWeaver AS is a network application server from SAP. It not only provides network services, but also the basic platform for SAP software. SAP NetWeaver AS suffers from a cross-site scripting vulnerability that stems from insufficient encoding of user-controlled input, which can be exploited ...

CVSS 4.8, AI score 6.4, EPSS 0.00112
Exploits 0, References 1
CNNVD
added 2024/09/10 12:00 a.m., 2 views

Fortinet FortiAnalyzer and FortiManager security vulnerability

Fortinet FortiManager and Fortinet FortiAnalyzer are both products of Fortinet, Inc. Fortinet FortiManager is a centralized network security management platform. The platform supports centralized management of any number of Fortinet devices, and can be grouped into different management domains AD...

CVSS 6.5, AI score 6.7, EPSS 0.00252
Exploits 0, References 3
Vulnrichment
added 2024/09/02 11:03 a.m., 10 views

CVE-2024-5148 Gnome-remote-desktop: inadequate validation of session agents using d-bus methods may expose rdp tls certificate

A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a result, the system RDP TLS certificate and...

CVSS 7.5, AI score 6.7, EPSS 0.00355
Exploits 0, References 3
CNNVD
added 2024/08/26 12:00 a.m., 1 views

WordPress plugin Zephyr Project Manager security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. ... A security vulnerability...

CVSS 7.1, AI score 6.6, EPSS 0.00117
Exploits 0, References 2
CNNVD
added 2024/08/16 12:00 a.m., 1 views

upKeeper security vulnerability

upKeeper is a cloud-based or local solution from upKeeper, Inc. A security vulnerability exists in upKeeper version 5.1.9 and earlier, which stems from an authorization bypass through a user-controlled key that allows the use of REST trust in system resources to gain access t...

CVSS 7.6, AI score 6.6, EPSS 0.00065
Exploits 0, References 2
CNNVD
added 2024/06/27 12:00 a.m., 1 views

Talya Informatics Travel APPS security vulnerability

Talya Informatics Travel APPS is travel software from the Turkish company Talya Informatics. A security vulnerability exists in Talya Informatics Travel APPS prior to version v17.0.68, which stems from a flaw that allows an attacker to bypass authorization through a user-controlled key using...

CVSS 9.8, AI score 6.7, EPSS 0.00026
Exploits 0, References 2
Vulnrichment
added 2024/06/22 4:32 a.m., 17 views

CVE-2024-4874 Bricks Builder <= 1.9.8 - Insecure Direct Object Reference

The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.8 via the postId parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access and...

CVSS 4.3, AI score 6.5, EPSS 0.0009
Exploits 0, References 2
OSV
added 2024/06/20 11:15 a.m., 1 views

DEBIAN-CVE-2022-48717

In the Linux kernel, the following vulnerability has been resolved: ASoC: max9759: fix underflow in speaker_gain_control_put(). Check for negative values of "priv->gain" to prevent an out of bounds access. The concern is that these might come from the user via: - snd_ctl_elem_write_user() - snd_ctl_elem_write() -...

CVSS 7.8, AI score 5.4, EPSS 0.00035
Exploits 0, References 1
CNNVD
added 2024/06/08 12:00 a.m., 1 views

WordPress plugin KiviCare security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS 8.8, AI score 6.8, EPSS 0.00231
Exploits 0, References 2
OSV
added 2024/05/28 4:55 p.m., 17 views

GHSA-8FMJ-33GW-G7PW Denial of service of Minder Server from maliciously crafted GitHub attestations

Minder is vulnerable to a denial-of-service (DoS) attack which could allow an attacker to crash the Minder server and deny other users access to it. The root cause of the vulnerability is that Minder's sigstore verifier reads an untrusted response entirely into memory without enforcing a limit on th...

CVSS 5.3, AI score 5.2, EPSS 0.0036
Exploits 0, References 5
Tenable Nessus
added 2024/05/11 12:00 a.m., 15 views

RHEL 5 : freeradius (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - freeradius: Out-of-bounds write in rad_coalesce() (CVE-2017-10979) - An FR-GV-201 issue in FreeRADIUS 2.x befo...

AI score 8.2, EPSS 0.19916
Exploits 3, References 8
WPVulnDB
added 2024/04/24 12:00 a.m., 13 views

WP-Recall – Registration, Profile, Commerce & More < 16.26.6 - Insecure Direct Object Reference

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 16.26.5 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

CVSS 4.3, AI score 6.7, EPSS 0.00077
Exploits 0, References 1, Affected Software 1
NVD
added 2024/04/09 7:15 p.m., 14 views

CVE-2024-1289

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.6.3 due to missing validation on a user controlled key when looking up order information. This makes it possible for authenticated attackers to...

CVSS 6.5, AI score 6.1, EPSS 0.00247
Exploits 0, References 2
OSV
added 2024/03/25 7:46 p.m., 13 views

GHSA-Q7G6-XFH2-VHPX phpMyFAQ stored Cross-site Scripting at user email

The email field in phpMyFAQ's user control panel page is vulnerable to stored XSS attacks due to the inadequacy of PHP's FILTER_VALIDATE_EMAIL filter, which only validates the email format, not its content. This vulnerability enables an attacker to execute arbitrary client-side JavaScript...

CVSS 5.5, AI score 5.9, EPSS 0.00787
Exploits 1, References 5
NVD
added 2024/03/25 7:15 p.m., 9 views

CVE-2024-27300

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The email field in phpMyFAQ's user control panel page is vulnerable to stored XSS attacks due to the inadequacy of PHP's FILTER_VALIDATE_EMAIL filter, which only validates the email format, not...

CVSS 5.5, AI score 5.6, EPSS 0.00787
Exploits 1, References 3
Vulnrichment
added 2024/03/25 6:30 p.m., 17 views

CVE-2024-27300 phpMyFAQ Stored XSS at user email

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The email field in phpMyFAQ's user control panel page is vulnerable to stored XSS attacks due to the inadequacy of PHP's FILTER_VALIDATE_EMAIL filter, which only validates the email format, not...

CVSS 5.5, AI score 6.3, EPSS 0.00787
Exploits 1, References 3
CNNVD
added 2024/03/25 12:00 a.m., 2 views

phpMyFAQ security vulnerability

phpMyFAQ is a multilingual, fully database-driven Frequently Asked Questions (FAQ) system by the individual developer Thorsten Rinne. A security vulnerability exists in phpMyFAQ, which stems from the email field in the phpMyFAQ User Control Panel page being vulnerable to a stored cross-site scripti...

CVSS 5.5, AI score 4.6, EPSS 0.00787
Exploits 1, References 4
Malwarebytes
added 2024/02/22 11:11 a.m., 15 views

Signal to shield user phone numbers by default

Chat app Signal will shield users' phone numbers by default from now on. And it will no longer be necessary to exchange phone numbers when people want to connect through the app. In November, we reported that Signal was testing usernames to eliminate the need to share your phone number. Signal h...

AI score 7.1
Exploits 0
CNNVD
added 2024/02/05 12:00 a.m., 4 views

WordPress plugin Display custom fields in the frontend Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...

CVSS 4.3, AI score 6.8, EPSS 0.00247
Exploits 0, References 3
WPVulnDB
added 2024/01/12 12:00 a.m., 19 views

Contact Form 7 – Dynamic Text Extension < 4.2.0 - Insecure Direct Object Reference

The plugin is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the CF7_get_custom_field and CF7_get_current_user shortcodes due to missing validation on a user controlled key. This makes it possible for authenticated attackers with contributor...

CVSS 4.3, AI score 6.7, EPSS 0.00285
Exploits 0, References 1, Affected Software 1