CVE-2022-47154 WordPress CSS JS Manager Plugin <= 2.4.49 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Pi Websolution CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce plugin <= 2.4.49 versions...
PT-2023-15198 · Unknown · Pi Websolution Css Js Manager +1
Name of the Vulnerable Software and Affected Versions: Pi Websolution CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce plugin versions <= 2.4.49 Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows a...
Fortinet FortiWeb OS Command Injection Vulnerability (CNVD-2023-18291)
Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. An operating system command injection...
CVE-2014-125093
A vulnerability has been found in Ad Blocking Detector Plugin up to 1.2.1 on WordPress and classified as problematic. This vulnerability affects unknown code of the file ad-blocking-detector.php. The manipulation leads to information disclosure. The attack can be initiated remotely. Upgrading to...
Information disclosure
A vulnerability has been found in Ad Blocking Detector Plugin up to 1.2.1 on WordPress and classified as problematic. This vulnerability affects unknown code of the file ad-blocking-detector.php. The manipulation leads to information disclosure. The attack can be initiated remotely. Upgrading to...
CVE-2014-125093
CVE-2014-125093 affects WordPress Ad Blocking Detector Plugin versions up to 1.2.1. The vulnerability involves information disclosure due to manipulation in the file ad-blocking-detector.php (unknown code sections). The issue can be triggered remotely. A fix exists: upgrade to version 1.2.2, with...
PT-2023-10161 · Unknown · Ad Blocking Detector Plugin
Name of the Vulnerable Software and Affected Versions: Ad Blocking Detector Plugin versions up to 1.2.1 Description: A vulnerability has been found in the Ad Blocking Detector Plugin, affecting unknown code of the file ad-blocking-detector.php. This issue leads to information disclosure and can b...
A vulnerability in Pi-hole, an application for blocking advertisements and internet trackers, arises from a failure to neutralize special elements used in an operating system command. This allows an attacker to execute arbitrary code.
The vulnerability in the Pi-hole ad-blocking application exists because special elements used in an operating system command are not neutralized. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
PT-2025-18809
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A vulnerability in the Linux kernel has been resolved, related to the usb: gadget: u_audio component. The issue occurs when userspace can block the driver unbind, causing a deadlock duri...
CVE-2022-39228
vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is...
PYSEC-2023-52
vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is...
CVE-2022-39228 Observable Response Discrepancy in vantage6
vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is...
GHSA-36GX-9Q6H-G429 vantage6 vulnerable to Observable Response Discrepancy
Impact We are incorporating the password policies listed in https://github.com/vantage6/vantage6/issues/59. One measure is that we don't let the user know in case of wrong username/password combination if the username actually exists, to prevent that bots can guess usernames. However, if a wrong...
vantage6 vulnerable to Observable Response Discrepancy
Impact We are incorporating the password policies listed in https://github.com/vantage6/vantage6/issues/59. One measure is that we don't let the user know in case of wrong username/password combination if the username actually exists, to prevent that bots can guess usernames. However, if a wrong...
Web applications and Project Loom
Introduction Project Loom aims to bring "easy-to-use, high-throughput, lightweight concurrency" to the JRE. One feature introduced by Project Loom is virtual threads. In this blog post, we'll be exploring what virtual threads mean for web applications using some simple web applications deployed o...
Mod_gnutls Security Vulnerability
mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. A security vulnerability exists in mod_gnutls versions prior to 0.12.1, which stems from not properly blocking read operations on TLS connections and can be exploited by an attacker to cause a denial of service attack...
K12002065: BIG-IP ASM XSS vulnerability CVE-2020-5932
Security Advisory Description A cross-site scripting (XSS) vulnerability exists in the BIG-IP ASM Configuration utility response and blocking pages. An authenticated user with administrative privileges can specify a response page with any content, including JavaScript code that will be executed whe...
K87895241: Apache Tomcat vulnerability CVE-2021-30639
Security Advisory Description A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the error flag associated with the Request object was not reset between...
K12953: A Cross-Site Scripting (XSS) vulnerability exists in the BIG-IP ASM Web Scraping feature
Security Advisory Description Note: For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note: Versions that are not listed in this article have not been evaluated for...