1083 matches found
PT-2024-37221 · WordPress · The Beauty Theme
Name of the Vulnerable Software and Affected Versions: The Beauty theme for WordPress versions up to, and including, 1.1.4. Description: The issue is related to Stored Cross-Site Scripting via the tpl featured cat id parameter due to insufficient input sanitization and output escaping. This allows...
0x-relayer-cat (>=0.0.2 <=0.0.10), 0xauth (>=0.0.2 <=0.0.6) +8804 more potentially affected by CVE-2024-42460 via elliptic (>=2.0.2 <=6.5.6)
elliptic NPM version =2.0.2, =0.0.2, =0.0.2, =1.0.6, =0.0.1-beta.1, =1.0.0, =0.1.0, =0.0.92, =0.1.3, =4.2.1, =6.2.1, =6.2.4 and more Source cves: CVE-2024-42460 Source advisory: OSV:GHSA-977X-G7H5-7QGW...
New Research: The Proliferation of Cellular in IoT
Researchers explain the trend and argue for deeper understanding. Analysis of Cellular Based Internet of Things (IoT) Technology is a new whitepaper co-authored by Rapid7 principal security researcher Deral Heiland and Thermo Fisher Scientific lead product security researcher Carlota Bindner. In thi...
MAL-2024-7665 Malicious code in sap-cat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis baf3e145193aec8cc8631c60a9577ba041c8d4fa2842c93c0b9e9759507b9596 The OpenSSF Package Analysis project identified 'sap-cat' @ 0.0.0 npm as malicious. It is considered malicious because: - The package communicat...
Malicious code in sap-cat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis baf3e145193aec8cc8631c60a9577ba041c8d4fa2842c93c0b9e9759507b9596 The OpenSSF Package Analysis project identified 'sap-cat' @ 0.0.0 npm as malicious. It is considered malicious because: - The package communicat...
Ecommerce-CodeIgniter-Bootstrap Cross-Site Scripting Vulnerability
Ecommerce-CodeIgniter-Bootstrap is a responsive, multi-vendor, multi-language online store platform shopping cart solution. Ecommerce-CodeIgniter-Bootstrap suffers from a cross-site scripting vulnerability that stems from cross-site scripting vulnerabilities in the searchtitle, catName, sub, name...
Malicious code in down_load_ebook_cat_kid_comic_club_a_graphic_novel_cat_kid_comic_by_dav_pilkey_wnu8b (npm)
--- -= Per source details. Do not edit below this line.=-...
intel-cmt-cat bug fix and enhancement update
An update is available for intel-cmt-cat. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky Linu...
Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances
The threat actor known as Commando Cat has been linked to an ongoing cryptojacking attack campaign that leverages poorly secured Docker instances to deploy cryptocurrency miners for financial gain. "The attackers used the cmd.cat/chattr docker image container that retrieves the payload from their...
Fedora: Security Advisory for rust-bat (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the...
HP Exposes Low-Effort, High-Impact Cat-Phishing Targeting Users
By Waqas. New HP report reveals cybercriminals are increasingly leveraging "cat-phishing" techniques, exploiting open redirects in legitimate websites to deceive users and deliver malware. This is a post from HackRead.com. Read the original post: HP Exposes Low-Effort, High-Impact Cat-Phishing...
scn2.cat Cross Site Scripting vulnerability OBB-3917076
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Ecommerce-Website SQL Injection Vulnerability
Ecommerce-Website is a complete e-commerce website with an administration panel built using PHP and MySql. A SQL injection vulnerability exists in Ecommerce-Website version 1.0, which stems from the parameter catid/brandid/keyword in the file action.php that can lead to SQL injection...
SUSE CVE-2021-47089
In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 size 248: comm "cat", pid 23327, jiffies 4624670141 age 495992.217s hex dump first 32 bytes: 00 40 85 ...
CVE-2021-47089
In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 size 248: comm "cat", pid 23327, jiffies 4624670141 age 495992.217s hex dump first 32 bytes: 00 40 85 ...
DEBIAN-CVE-2021-47089
In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 size 248: comm "cat", pid 23327, jiffies 4624670141 age 495992.217s hex dump first 32 bytes: 00 40 85 ...
UBUNTU-CVE-2021-47089
In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 size 248: comm "cat", pid 23327, jiffies 4624670141 age 495992.217s hex dump first 32 bytes: 00 40 85 ...
CVE-2021-47089 kfence: fix memory leak when cat kfence objects
In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 size 248: comm "cat", pid 23327, jiffies 4624670141 age 495992.217s hex dump first 32 bytes: 00 40 85 ...
[SECURITY] Fedora 39 Update: rust-bat-0.24.0-3.fc39
A cat(1) clone with wings...
Design/Logic Flaw
The Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.2. This makes it possible for unauthenticated attackers to access landing pages that may not be public...