8548 matches found
WordPress Plugin Elementor Addons by Livemesh 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress Plugin...
PT-2024-20769 · WordPress · Wp Chat App
Name of the Vulnerable Software and Affected Versions: WP Chat App plugin for WordPress versions up to, and including, 3.6.2 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, specifically the imageAlt block attribute. This allows...
WordPress Plugin Elementor Addons by Livemesh 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress Plugin...
WordPress Plugin Rank Math SEO with AI SEO Tools 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2024-31948
In FRRouting FRR through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash...
CVE-2024-31948
In FRRouting FRR through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash...
FRRouting 安全漏洞
FRRouting is an open source network routing software suite from the FRRouting Project that runs on Unix-like platforms. A security vulnerability exists in FRRouting FRR versions 9.1 and earlier, which originates from a vulnerability that allows an attacker to cause the bgpd daemon to crash by usi...
Apache NimBLE 安全漏洞
Apache NimBLE is an open source Bluetooth 5.4 stack host and controller from the Apache Foundation in the U.S. It completely replaces the proprietary SoftDevice on the Nordic chipset.It is part of the Apache Mynewt project. A denial-of-service vulnerability exists in Apache NimBLE version 1.6.0 a...
WordPress Plugin Element Pack Elementor Addons 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2024-3217
The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attributevalue' and 'attributeid' parameters in all versions up to, and including, 1.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...
CVE-2024-3217
The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attributevalue' and 'attributeid' parameters in all versions up to, and including, 1.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...
CVE-2024-3217
CVE-2024-3217 affects WP Directory Kit for WordPress; the vulnerability is an SQL Injection via attribute_id and attribute_value in all versions up to 1.3.0 caused by insufficient escaping and query preparation. This allows an authenticated attacker with subscriber-level access or higher to injec...
WordPress Plugin WP Directory Kit 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
PT-2024-20526 · Apache · Apache Nimble
Name of the Vulnerable Software and Affected Versions: Apache NimBLE versions through 1.6.0 Description: A specially crafted GATT operation can cause an infinite loop in the GATT server, leading to a denial of service in the Bluetooth stack or device. Recommendations: For Apache NimBLE versions...
CVE-2024-30250 In Astro-Shield, setting a correct `integrity` attribute to injected code allows to bypass the allow-lists
Astro-Shield is an integration to enhance website security with SubResource Integrity hashes, Content-Security-Policy headers, and other techniques. Versions from 1.2.0 to 1.3.1 of Astro-Shield allow bypass to the allow-lists for cross-origin resources by introducing valid integrity attributes to...
Information Disclosure
yaql is vulnerable to Information Disclosure. The vulnerability is due to improper handling of attribute access in the YAQL library's 'format' function, allowing unauthorized users to access sensitive information, including service account credentials...
The vulnerability of the bgpd/bgp_packet.c file in the networking routing implementation software for Unix-like systems allows a hacker to cause a service failure.
The vulnerability of the bgpd/bgppacket.c file in the networking routing implementation software for Unix-like systems in FRRouting is related to the handling of NLRI Next Hop Routing Information when the length of the attribute is zero. Exploiting this vulnerability could allow a malicious actor...
Astro-Shield 安全漏洞
Astro-Shield is an open source library from KindSpells Labs. It is used to compute sub-resource integrity hashes for JS scripts and CSS stylesheets. A security vulnerability exists in Astro-Shield versions 1.2.0 through 1.3.1, which stems from a vulnerability that allows an attacker to bypass the...
DEBIAN-CVE-2023-52641
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attrallocateframe It is preferable to exit through the out: label because internal debugging functions are located there...
DEBIAN-CVE-2023-52640
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix oob in ntfslistxattr The length of name cannot exceed the space occupied by ea...