
3098 matches found

AlpineLinux
added 2022/02/11 8:15 p.m. · 41 views

CVE-2022-24975

The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" issue. This could present a security risk if information-disclosure auditing processes rely on a clone operation without the --mirror option...

7.5 CVSS · 2.3 AI score · 0.00871 EPSS
Exploits 1
Positive Technologies
added 2022/02/11 12:0 a.m. · 8 views

PT-2022-6487 · Git +2 · Git +2

Name of the Vulnerable Software and Affected Versions: Git versions through 2.35.1 Description: The issue is related to the disclosure of information in the error data area of the distributed version control system Git. This could present a security risk if information-disclosure auditing process...

9 CVSS · 7.7 AI score · 0.82951 EPSS
Exploits 33 · References 45
ATTACKERKB
added 2022/02/04 2:15 a.m. · 5 views

CVE-2022-24147

Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service DoS via the wanMTU, wanSpeed, cloneType, mac, and serviceName parameters...

7.8 CVSS · 7.2 AI score · 0.00346 EPSS
Exploits 1 · References 2
OSV
added 2022/02/04 2:15 a.m. · 2 views

CVE-2022-24147

Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service DoS via the wanMTU, wanSpeed, cloneType, mac, and serviceName parameters...

7.5 CVSS · 7.2 AI score · 0.00346 EPSS
Exploits 1 · References 1
CNNVD
added 2022/02/04 12:0 a.m. · 2 views

Tenda Ax3 buffer error vulnerability

Tenda Ax3 is an Ax1800 Gigabit Port Dual Band Wifi 6 Wireless Router from Tenda China. A buffer overflow vulnerability exists in Tenda AX3 v16.03.12.10CN, which can be exploited by an attacker to cause a Denial of Service DoS via the wanMTU, wanSpeed, cloneType, mac, and serviceName parameters...

7.8 CVSS · 6.1 AI score · 0.00346 EPSS
Exploits 1 · References 2
OpenVAS
added 2022/01/28 12:0 a.m. · 22 views

Mageia: Security Advisory (MGASA-2021-0554)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS · 7.4 AI score · 0.00967 EPSS
Exploits 1 · References 6
NVD
added 2022/01/24 8:15 a.m. · 8 views

CVE-2021-24733

The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally...

4.3 CVSS · 0.00186 EPSS
Exploits 2 · References 1
OSV
added 2022/01/24 8:15 a.m. · 1 views

CVE-2021-24733

The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally...

4.3 CVSS · 5.8 AI score
Exploits 0 · References 1
Prion
added 2022/01/24 8:15 a.m. · 23 views

Default credentials

The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally...

4 CVSS · 4.6 AI score · 0.00186 EPSS
Exploits 2 · References 1 · Affected Software 1
CVE
added 2022/01/24 8:0 a.m. · 54 views

CVE-2021-24733

CVE-2021-24733 pertains to the WordPress plugin WP Post Page Clone. Multiple sources confirm an access-control flaw in versions older than 1.2 that lets users with very low privileges (as low as Contributor) clone and view other users’ drafts and password‑protected posts that aren’t normally acce...

4.3 CVSS · 4.5 AI score · 0.00186 EPSS
Exploits 2 · References 1 · Affected Software 1
Cvelist
added 2022/01/24 8:0 a.m. · 18 views

CVE-2021-24733 WP Post Page Clone < 1.2 - Unauthorised Post Access

The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally...

4.9 AI score · 0.00186 EPSS
Exploits 2 · References 1
CNNVD
added 2022/01/24 12:0 a.m. · 3 views

WordPress plugin access control error vulnerability

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. An access control error vulnerability exists in versions prior to Wordpress Plugin WP Post Page Clone...

4.3 CVSS · 5.7 AI score · 0.00186 EPSS
Exploits 2 · References 2
OSV
added 2022/01/15 10:15 a.m. · 0 views

CVE-2021-33963

China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/macaddrclone receives parameters by POST request, and the parameter macType has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...

9.8 CVSS · 6 AI score
Exploits 0 · References 4
Positive Technologies
added 2022/01/15 12:0 a.m. · 2 views

PT-2022-10304 · China Mobile · An Lianbao Wf-1

Name of the Vulnerable Software and Affected Versions: China Mobile An Lianbao WF-1 version 1.0.1 Description: The issue concerns a command injection vulnerability in the web interface of the affected router. Specifically, the "/api/ZRMacClone/mac addr clone" endpoint, which receives parameters v...

10 CVSS · 9.5 AI score · 0.03992 EPSS
Exploits 0 · References 8
Patchstack
added 2021/12/27 12:0 a.m. · 15 views

WordPress WP Post Page Clone plugin <= 1.1 - Unauthorized Post Access vulnerability

Unauthorized Post Access vulnerability discovered by apple502j in WordPress WP Post Page Clone plugin versions <= 1.1. Solution: Update the WordPress WP Post Page Clone plugin to the latest available version at least 1.2...

4.3 CVSS · 2.5 AI score · 0.00186 EPSS
Exploits 2 · References 3 · Affected Software 1
Positive Technologies
added 2021/12/10 12:0 a.m. · 1 views

PT-2021-23007 · Snipe-It · Snipe-It

Name of the Vulnerable Software and Affected Versions: snipe-it versions prior to 5.3.4 Description: The issue is related to Improper Access Control. Regular users with DENY set to all models permissions can still view model information via the "/models/id/clone" endpoint due to no authorize'view...

4.3 CVSS · 4.2 AI score · 0.00223 EPSS
Exploits 1 · References 7
RedHat Linux
added 2021/12/09 2:46 p.m. · 1 views

Mozilla: Heap buffer overflow when using structured clone

The Mozilla Foundation Security Advisory describes this flaw as: An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash...

8.8 CVSS · 7.3 AI score · 0.00559 EPSS
Exploits 0 · References 4
RedHat Linux
added 2021/12/09 12:58 p.m. · 1 views

Mozilla: Heap buffer overflow when using structured clone

The Mozilla Foundation Security Advisory describes this flaw as: An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash...

8.8 CVSS · 7.3 AI score · 0.00559 EPSS
Exploits 0 · References 4
RedHat Linux
added 2021/12/09 12:43 p.m. · 1 views

Mozilla: Heap buffer overflow when using structured clone

The Mozilla Foundation Security Advisory describes this flaw as: An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash...

8.8 CVSS · 7.3 AI score · 0.00559 EPSS
Exploits 0 · References 4
RedHat Linux
added 2021/12/09 12:41 p.m. · 2 views

Mozilla: Heap buffer overflow when using structured clone

The Mozilla Foundation Security Advisory describes this flaw as: An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash...

8.8 CVSS · 7.3 AI score · 0.00559 EPSS
Exploits 0 · References 4