15 matches found
EUVD-2022-1136
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-34969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the...
BIT-HUBBLE-2024-28250
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, in Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies, WireGuard-eligible traffic that is sent between a node's...
BIT-CILIUM-2024-28250
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, in Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies, WireGuard-eligible traffic that is sent between a node's...
CVE-2024-28250 Cilium has possible unencrypted traffic between nodes when using WireGuard and L7 policies
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, in Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies, WireGuard-eligible traffic that is sent between a node's...
DEBIAN-CVE-2023-34969
D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon...
UBUNTU-CVE-2023-34969
D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon...
PT-2023-8954 · D-Bus +8
Name of the Vulnerable Software and Affected Versions: D-Bus versions prior to 1.12.28; D-Bus versions prior to 1.14.8; D-Bus versions prior to 1.15.6. Description: The issue allows unprivileged users to crash dbus-daemon under certain circumstances. This can be achieved by sending an unreplyable...
Enhancesoft osTicket SQL Injection Vulnerability
Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A security vulnerability exists in Enhancesoft osTicket that originates from an SQL injection during the login and password reset process. An attacker could exploit this vulnerability to gain acce...
PT-2022-13247
Name of the Vulnerable Software and Affected Versions: NPM follow-redirects versions prior to 1.14.8. Description: The issue is related to the improper removal of sensitive information before storage or transfer, which can lead to exposure of sensitive information to unauthorized actors...
Follow Redirects Information Disclosure Vulnerability
Follow Redirects is a Node.js module that automatically follows Https redirects. An information disclosure vulnerability exists in versions of Follow Redirects prior to 1.14.8, which stems from the exposure of sensitive information in NPM to unauthorized participants...
WordPress Gutenberg Blocks plugin <= 1.14.7 - Authenticated Settings Change vulnerability
Authenticated Settings Change vulnerability discovered by NinTechNet in WordPress Gutenberg Blocks plugin versions <= 1.14.7. Solution: Update the WordPress Gutenberg Blocks plugin to the latest available version (at least 1.14.8)...
WordPress Relevanssi Premium Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Software Foundation, which supports setting up personal blog sites on servers with PHP and MySQL. Relevanssi Premium is a commercial version of the instant search plugin for websites. A cross-site scripting vulnerabilit...
Cross site scripting
Reflected XSS in Relevanssi Premium version 1.14.8 when using relevanssididyoumean could allow an unauthenticated attacker to do almost anything an admin can...
Debian: Security Advisory (DSA-930-2)
The remote host is missing an update for the Debian...