Lucene search
+L

396 matches found

patchstack
patchstack
added 2021/12/21 12:0 a.m.31 views

WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.6 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Jeremie Amsellem in WordPress Backup and Staging by WP Time Capsule plugin versions = 1.22.6. Solution Update the WordPress Backup and Staging by WP Time Capsule plugin to the latest available version at least 1.22.7...

6.1CVSS2.4AI score0.00887EPSS
Exploits2References3Affected Software1
osv
osv
added 2021/12/17 9:15 p.m.1 views

DEBIAN-CVE-2021-41500

Incomplete string comparison vulnerability exits in cvxopt.org cvxop = 1.2.6 in APIs cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve, which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects...

7.5CVSS7.3AI score0.01184EPSS
Exploits1References1
pypa
pypa
added 2021/12/17 9:15 p.m.8 views

PYSEC-2021-870

Incomplete string comparison vulnerability exits in cvxopt.org cvxop = 1.2.6 in APIs cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve, which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects...

7.5CVSS6.9AI score0.01184EPSS
Exploits1References3Affected Software1
prion
prion
added 2021/12/17 9:15 p.m.17 views

Design/Logic Flaw

Incomplete string comparison vulnerability exits in cvxopt.org cvxop = 1.2.6 in APIs cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve, which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects...

5CVSS7.4AI score0.01184EPSS
Exploits1References2Affected Software2
ubuntucve
ubuntucve
added 2021/12/17 9:15 p.m.30 views

CVE-2021-41500

Incomplete string comparison vulnerability exits in cvxopt.org cvxop = 1.2.6 in APIs cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve, which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects...

7.5CVSS7.1AI score0.01184EPSS
Exploits1References2
osv
osv
added 2021/12/17 9:15 p.m.4 views

UBUNTU-CVE-2021-41500

Incomplete string comparison vulnerability exits in cvxopt.org cvxop = 1.2.6 in APIs cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve, which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects...

7.5CVSS5.8AI score0.01184EPSS
Exploits1References3
osv
osv
added 2021/12/17 9:15 p.m.7 views

PYSEC-2021-870

Incomplete string comparison vulnerability exits in cvxopt.org cvxop = 1.2.6 in APIs cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve, which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects...

7.5CVSS5.9AI score0.01184EPSS
Exploits1References3
cvelist
cvelist
added 2021/12/17 8:44 p.m.44 views

CVE-2021-41500

Incomplete string comparison vulnerability exits in cvxopt.org cvxop = 1.2.6 in APIs cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve, which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects...

7.6AI score0.01184EPSS
Exploits1References2
debiancve
debiancve
added 2021/12/17 8:44 p.m.15 views

CVE-2021-41500

Incomplete string comparison vulnerability exits in cvxopt.org cvxop = 1.2.6 in APIs cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve, which allows attackers to conduct Denial of Service attacks by construct fake Capsule objects...

7.5CVSS7.3AI score0.01184EPSS
Exploits1
cnnvd
cnnvd
added 2021/12/17 12:0 a.m.6 views

Cvxopt 安全漏洞

Cvxopt is a freeware package for convex optimization based on the Python programming language. cvxopt A security vulnerability exists in cvxop 1.2.6 and earlier versions, which stems from incomplete string comparisons in the API. An attacker can use this vulnerability to conduct a denial of servi...

7.5CVSS7.3AI score0.01184EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2021/12/17 12:0 a.m.4 views

PT-2021-23314 · Cvxopt +2 · Cvxopt +2

Name of the Vulnerable Software and Affected Versions: cvxopt version 1.2.6 and earlier Description: The issue is related to an incomplete string comparison vulnerability in certain APIs, specifically cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, and cvxopt.cholmod.spsolve...

8.7CVSS6.5AI score0.01184EPSS
Exploits1References22
nvd
nvd
added 2021/11/23 8:15 p.m.24 views

CVE-2021-24877

The MainWP Child WordPress plugin before 4.1.8 does not validate the orderby and order parameter before using them in a SQL statement, leading to an SQL injection exploitable by high privilege users such as admin when the Backup and Staging by WP Time Capsule plugin is installed...

7.2CVSS0.01238EPSS
Exploits2References1
osv
osv
added 2021/11/23 8:15 p.m.2 views

CVE-2021-24877

The MainWP Child WordPress plugin before 4.1.8 does not validate the orderby and order parameter before using them in a SQL statement, leading to an SQL injection exploitable by high privilege users such as admin when the Backup and Staging by WP Time Capsule plugin is installed...

7.2CVSS5.8AI score0.01238EPSS
Exploits2References1
prion
prion
added 2021/11/23 8:15 p.m.15 views

Sql injection

The MainWP Child WordPress plugin before 4.1.8 does not validate the orderby and order parameter before using them in a SQL statement, leading to an SQL injection exploitable by high privilege users such as admin when the Backup and Staging by WP Time Capsule plugin is installed...

6CVSS7.1AI score0.01238EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2021/11/23 7:16 p.m.33 views

CVE-2021-24877 MainWP Child < 4.1.8 - Admin+ SQL Injection

The MainWP Child WordPress plugin before 4.1.8 does not validate the orderby and order parameter before using them in a SQL statement, leading to an SQL injection exploitable by high privilege users such as admin when the Backup and Staging by WP Time Capsule plugin is installed...

7.4AI score0.01238EPSS
Exploits2References1
cve
cve
added 2021/11/23 7:16 p.m.56 views

CVE-2021-24877

CVE-2021-24877 affects the WordPress MainWP Child plugin prior to version 4.1.8. The issue is an SQL injection caused by lack of validation of the orderby and order parameters before their use in a SQL statement, exploitable by high-privilege users (e.g., admin) when the Backup and Staging by WP ...

7.2CVSS7.2AI score0.01238EPSS
Exploits2References1Affected Software1
wpvulndb
wpvulndb
added 2021/10/25 12:0 a.m.19 views

MainWP Child < 4.1.8 - Admin+ SQL Injection

The plugin does not validate the orderby and order parameter before using them in a SQL statement, leading to an SQL injection exploitable by high privilege users such as admin when the Backup and Staging by WP Time Capsule plugin is installed PoC POST / HTTP/1.1 Accept:...

7.2CVSS1.3AI score0.01238EPSS
Exploits2Affected Software1
threatpost
threatpost
added 2021/08/04 9:14 p.m.44 views

Black Hat: Bugs Allow Takeover of Capsule Hotel Rooms

LAS VEGAS – A series of vulnerabilities in internet of things IoT devices often found in connected hotel rooms allowed a researcher to take control of multiple rooms’ amenities – and punish a loud neighbor. An inadvertent bug hunt began when Kya Supa, security consultant at LEXFO, was traveling...

7.6AI score
Exploits0References5
redhat
redhat
added 2020/09/30 1:13 p.m.81 views

Important: Red Hat Security Advisory: Satellite 6.7.4 Async Bug Fix Update

Updated Satellite 6.7 packages that fix several bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other clien...

8.8CVSS7.3AI score0.00315EPSS
Exploits0References14
nessus
nessus
added 2020/09/30 12:0 a.m.95 views

RHEL 7 : Satellite 6.7.4 Async Bug Fix Update (Important) (RHSA-2020:4127)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4127 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide...

8.8CVSS7.8AI score0.00315EPSS
Exploits0References16
Rows per page
Query Builder