H3C Magic R300 缓冲区错误漏洞

The H3C Magic R300 is a wireless router from China's Xinhua San H3C. The H3C Magic R300 suffers from a stack overflow vulnerability that is caused by incorrect boundary checking of the EditBasicSID interface on /goform/aspForm. An attacker can exploit this vulnerability to cause a buffer overflow...

SUSE CVE-2023-32319

Nextcloud server is an open source personal cloud implementation. Missing brute-force protection on the WebDAV endpoints via the basic auth header allowed to brute-force user credentials when the provided user name was not an email address. Users from version 24.0.0 onward are affected. This issu...

Design/Logic Flaw

Nextcloud server is an open source personal cloud implementation. Missing brute-force protection on the WebDAV endpoints via the basic auth header allowed to brute-force user credentials when the provided user name was not an email address. Users from version 24.0.0 onward are affected. This issu...

Nextcloud 安全漏洞

Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in the Nextcloud server that stems from the lack of brute-force protection for WebDAV endpoints via the basic authentication header...

CVE-2022-47139

Cross-Site Request Forgery CSRF vulnerability in Damir Calusic WP Basic Elements plugin = 5.2.15 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Damir Calusic WP Basic Elements plugin = 5.2.15 versions...

CVE-2022-47139

CVE-2022-47139 is a Cross-Site Request Forgery (CSRF) vulnerability in WordPress plugin WP Basic Elements (

CVE-2022-47139 WordPress WP Basic Elements Plugin <= 5.2.15 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Damir Calusic WP Basic Elements plugin = 5.2.15 versions...

PT-2023-15184 · WordPress · Wp Basic Elements

Name of the Vulnerable Software and Affected Versions: WP Basic Elements plugin versions prior to 5.2.15 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on a web...

WordPress plugin WP Basic Elements 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware

The North Korean advanced persistent threat APT group known as Kimsuky has been observed using a piece of custom malware called RandomQuery as part of a reconnaissance and information exfiltration operation. "Lately, Kimsuky has been consistently distributing custom malware as part of...

CVE-2023-23709

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Denis WPJAM Basic plugin = 6.2.1 versions...

CVE-2023-23709

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Denis WPJAM Basic plugin = 6.2.1 versions...

CVE-2023-23709 WordPress WPJAM Basic Plugin <= 6.2.1 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Denis WPJAM Basic plugin = 6.2.1 versions...

CVE-2023-23709

The CVE-2023-23709 entry concerns a stored Cross-Site Scripting (XSS) flaw in the WordPress WPJAM Basic plugin (≤ 6.2.1) exploitable by authenticated contributors. The underlying issue is improper handling/validation of input that can be stored and later reflected in pages. Impact is limited by p...

WordPress plugin WPJAM Basic 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

CVE-2023-23901

CVE-2023-23901 affects Seiko Solutions SkyBridge MB-A200 firmware (01.00.05 and earlier) and SkyBridge BASIC MB-A130 firmware (1.4.1 and earlier). Root cause: improper following of a certificate’s chain of trust. Impact: remote unauthenticated attacker may eavesdrop on or alter communications sen...

Seiko Solutions SkyBridge 安全漏洞

Seiko Solutions SkyBridge is a series of routers from Seiko Solutions, Japan. A security vulnerability exists in Seiko Solutions SkyBridge and SkySpider. An attacker could exploit the vulnerability to decrypt the password of the product's WebUI. The following products and versions are affected:...

Intel Bios 安全漏洞

Intel Bios is a basic input-output system from Intel Corporation USA used to perform hardware initialization during the power-on boot phase, as well as firmware that provides runtime services to the operating system. A security vulnerability exists in Intel Bios. An attacker could exploit the...

kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c

A list corruption flaw was found in cfg80211addnontranslist in the net/wireless/scan.c function in the Linux kernel. This flaw could lead to a denial of service...