EulerOS 2.0 SP8 : c-ares (EulerOS-SA-2023-3115)
According to the versions of the c-ares packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, a...
EulerOS Virtualization 2.9.1 : c-ares (EulerOS-SA-2023-2951)
According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will...
EulerOS Virtualization 2.10.1 : c-ares (EulerOS-SA-2023-2913)
According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will...
EulerOS Virtualization 2.11.1 : c-ares (EulerOS-SA-2023-2718)
According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - c-ares is an asynchronous resolver library. ares_inet_net_pton is vulnerable to a buffer underflow for certain ipv6 addresses, in...
EulerOS Virtualization 3.0.6.6 : c-ares (EulerOS-SA-2023-3394)
According to the versions of the c-ares packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE wil...
EulerOS 2.0 SP11 : c-ares (EulerOS-SA-2023-2634)
According to the versions of the c-ares package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - c-ares is an asynchronous resolver library. ares_inet_net_pton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular...
CVE-2023-6066
The WP Custom Widget area WordPress plugin through 1.2.5 does not properly apply capability and nonce checks on any of its AJAX action callback functions, which could allow attackers with subscriber+ privilege to create, delete or modify menus on the site...
PT-2024-15107 · WordPress · Easyjobs
Name of the Vulnerable Software and Affected Versions: easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg WordPress plugin versions prior to 2.4.7 Description: The issue arises from the plugin not properly securing some of its AJAX actions,...
WordPress Plugin easy.jobs- Best Recruitment Security Breach
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability in the WordPress...
WordPress Plugin WP Custom Widget area security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2024-14871 · WordPress · Wp Custom Widget Area
Name of the Vulnerable Software and Affected Versions: WP Custom Widget area WordPress plugin versions 1.2.5 and earlier Description: The issue arises from the plugin not properly applying capability and nonce checks on its AJAX action callback functions. This could allow attackers with subscribe...
Microsoft Message Queuing Information Disclosure Vulnerability (CNVD-2024-04950)
Microsoft Message Queuing is the solution for implementing asynchronous and synchronous scenarios that require high performance. An information disclosure vulnerability exists in Microsoft Message Queuing, which can be exploited by an attacker to obtain sensitive information from heap memory...
Microsoft Message Queuing Information Disclosure Vulnerability (CNVD-2024-04947)
Microsoft Message Queuing is the solution for implementing asynchronous and synchronous scenarios that require high performance. An information disclosure vulnerability exists in Microsoft Message Queuing, which can be exploited by an attacker to obtain sensitive information from heap memory...
The vulnerability of the do_vcc_ioctl() function in the net/atm/ioctl.c module, which implements the ATM network protocol in the Linux operating system's kernel, allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the do_vcc_ioctl() function in the net/atm/ioctl.c module, which implements the ATM network protocol in the Linux operating system, is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attack...
[SECURITY] Fedora 38 Update: python-pysqueezebox-0.5.5-11.fc38
Python library to control a Logitech Media Server asynchronously...
WordPress Plugin Essential Real Estate Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers running PHP and MySQL. WordPress plugin i...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a use-after-free vulnerability in the Asynchronous Transfer Mode (ATM) subsystem...
VulnCheck KEV: CVE-2022-1950
The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection...
SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2023:4830-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:4830-1 advisory. - Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-3394)
The remote host is missing an update for the Huawei EulerOS...