62 matches found
CVE-2022-37459
Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue...
CVE-2022-35888
Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system...
EUVD-2022-38761
Malicious code in bioql PyPI...
EUVD-2022-53488
Malicious code in bioql PyPI...
EUVD-2024-51100
Malicious code in bioql PyPI...
EUVD-2021-32224
Malicious code in bioql PyPI...
EUVD-2022-40084
Malicious code in bioql PyPI...
EUVD-2022-49672
Malicious code in bioql PyPI...
CVE-2024-12774
The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF attack...
CVE-2024-12773
The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
CVE-2022-32295
On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component...
WordPress Altra Side Menu plugin <= 2.0 - Abitrary Menu Deletion via CSRF vulnerability
Abitrary Menu Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Altra Side Menu versions = 2.0...
WordPress Altra Side Menu plugin <= 2.0 - Admin+ SQL Injection vulnerability
Admin+ SQL Injection vulnerability discovered by Régis SENET in WordPress Plugin Altra Side Menu versions = 2.0...
CVE-2024-12774
The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF attack...
CVE-2024-12773
The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
CVE-2024-12774
The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF attack...
CVE-2024-12773
The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
CVE-2024-12774 Altra Side Menu <= 2.0 - Abitrary Menu Deletion via CSRF
The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF attack...
CVE-2024-12774
CVE-2024-12774 affects the Altra Side Menu WordPress plugin (≤ v2.0). It stems from missing CSRF checks, potentially allowing logged-in admins to delete arbitrary menus via CSRF. No explicit patch or mitigation details are provided in the connected documents; monitor for updates and consider rest...
CVE-2024-12774 Altra Side Menu <= 2.0 - Abitrary Menu Deletion via CSRF
The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF attack...