Ubiquiti UniFi Play PowerAmp和Ubiquiti UniFi Play Audio Port 安全漏洞

Both the Ubiquiti UniFi Play PowerAmp and the Ubiquiti UniFi Play Audio Port are products of the American company Ubiquiti. The Ubiquiti UniFi Play PowerAmp is a home audio control device that supports multi-room audio distribution and amplifier integration. The Ubiquiti UniFi Play Audio Port is ...

CVE-2024-45520

WithSecure Atlant formerly F-Secure Atlant 1.0.35-1 allows a remote Denial of Service because of memory corruption during scanning of a PE32 file...

CVE-2021-4367

The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Options Change by using the floimportformsoptions AJAX action in versions up to, and including, 1.0.35 due to insufficient input sanitization and output escaping along with missing...

WordPress WooCommerce Cloak Affiliate Links plugin <= 1.0.35 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Mika in WordPress Plugin WooCommerce Cloak Affiliate Links versions = 1.0.35...

WordPress plugin WooCommerce Cloak Affiliate Links 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

WordPress plugin NewsMunch 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Product Designer 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Product Designer Plugin <= 1.0.35 is vulnerable to Cross Site Scripting (XSS)

Software Product Designer Type Plugin Vulnerable versions = 1.0.35 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9111 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 972d8d8742f9 Credits Francesco Carlucci...

cups-filters security update

1.0.35-29.0.3 - Unsupport cups-browsed service - CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 Orabug: 37217141...

WordPress Calliope Theme <= 1.0.33 is vulnerable to Cross Site Request Forgery (CSRF)

Software Calliope Type Theme Vulnerable versions = 1.0.33 Fixed in 1.0.35 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2904 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e01a6aa98fcc Credits Dhabaleshwar Das Required...

CVE-2023-43767

Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 1...

WithSecure Multiple Product Security Vulnerabilities

WithSecure products is a series of security software from the Finnish company WithSecure. WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and earlier. versions, WithSecure Client Security for Mac 15,...

WithSecure Multiple Product Resource Management Error Vulnerability

WithSecure products is a series of security software from the Finnish company WithSecure. WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and earlier. versions, WithSecure Client Security for Mac 15,...

Wave Browser Code Injection Vulnerability

Wave Browser is a browser. A security vulnerability exists in Wave Browser version 1.0.35 and earlier versions. An attacker can exploit the vulnerability to execute arbitrary JavaScript code...

VulnCheck KEV: CVE-2021-4367

The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Options Change by using the floimportformsoptions AJAX action in versions up to, and including, 1.0.35 due to insufficient input sanitization and output escaping along with...