Linux Distros Unpatched Vulnerability : CVE-2020-13670

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they ...

WordPress plugin WP Cerber Security, Anti-spam & Malware Scan 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress WP Cerber Security, Anti-spam & Malware Scan Plugin...

PT-2022-13178

Name of the Vulnerable Software and Affected Versions: WP Cerber Security, Anti-spam & Malware Scan WordPress plugin versions prior to 8.9.6 Description: The issue is related to an unauthenticated stored Cross-Site Scripting problem. It occurs because the $url variable is not properly sanitized...

WordPress WP Cerber Security plugin <= 8.9.5 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress WP Cerber Security plugin versions = 8.9.5. Solution Update the WordPress WP Cerber Security plugin to the latest available version at least 8.9.6...

GHSA-C533-C843-67H8 Drupal core Cross-site Scripting (XSS) vulnerability in ckeditor

Cross-site Scripting XSS vulnerability in ckeditor of Drupal Core allows attacker to inject XSS. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10.; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6...

UBUNTU-CVE-2021-39905

An information disclosure vulnerability in the GitLab CE/EE API since version 8.9.6 allows a user to see basic information on private groups that a public project has been shared with...

PT-2020-13649 · Drupal · Drupal Core

Name of the Vulnerable Software and Affected Versions: Drupal Core versions prior to 8.8.10 Drupal Core versions prior to 8.9.6 Drupal Core versions prior to 9.0.6 Description: The issue is related to an Access Bypass vulnerability in Drupal Core, where an attacker can exploit the way HTML is...

PT-2020-13648 · Drupal · Drupal Core

Name of the Vulnerable Software and Affected Versions: Drupal Core versions prior to 8.8.10 Drupal Core versions prior to 8.9.6 Drupal Core versions prior to 9.0.6 Description: The issue is an access bypass vulnerability in the Workspaces module of Drupal Core, which fails to properly check acces...

Oracle Hospitality Applications Hospitality Suite8 Component Information Disclosure Vulnerability

Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hospitality management from Oracle. The product provides human resources cost management, provide customers throughout the journey to track the management of services to improve customer...