39 matches found
CVE-2026-2284 News Element Elementor Blog Magazine <= 1.0.8 - Missing Authorization to Authenticated (Subscriber+) Data Loss
The News Element Elementor Blog Magazine plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.8. This is due to a missing capability check and nonce verification on the 'necleandata' AJAX action. This makes it possible for authenticated attackers,...
CLSA-2025-1766079368 systemd: Fix of CVE-2025-4598
CVE-2025-4598: fixed race condition in systemd-coredump that exposes privileged core dump data...
EUVD-2024-19301
Malicious code in bioql PyPI...
Atlassian Jira Core Data and Atlassian Jira Service Management Data Security Vulnerability
Atlassian Jira Core Data and Atlassian Jira Service Management Data are both products of Atlassian Australia. Atlassian Jira Core Data is an enterprise-level project management tool. Atlassian Jira Service Management Data is an IT Service Management (ITSM) tool. A security vulnerabilit...
PrivEsc (Privilege Escalation) in Jira Core Data Center
Summary: This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core Data Center. This PrivEsc (Privilege Escalation) vulnerability, with a CVSS Score of 7.2, allows an attacker to perform actions as a higher-privileged...
CVE-2024-21685
This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to view sensitive information via an Information Disclosur...
CVE-2024-50278 dm cache: fix potential out-of-bounds access on the first resume
In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexpectedly before the first-time resume of the cache table. This happens because expanding the fast...
CVE-2024-50278
In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexpectedly before the first-time resume of the cache table. This happens because expanding the fast...
About the security content of macOS Ventura 13.6.4
About the security content of macOS Ventura 13.6.4 This document describes the security content of macOS Ventura 13.6.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
Akamai’s Differentiated Cloud Strategy
Akamai is taking a different approach to cloud computing than providers who base their platforms solely on core data centers. Read more about our strategy...
UBUNTU-CVE-2022-23482
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp v0.9.21 contains an Out of Bound Read in the xrdp_sec_process_mcs_data_CS_CORE function. There are no known workarounds for this issue. Users are advised to upgrade...
[SECURITY] Fedora 36 Update: golang-github-pkg-diff-0-0.4.20210406git20ebb0f.fc36
Module github.com/pkg/diff can be used to create, modify, and print diffs. The top level package, diff, contains convenience functions for the most common uses. The subpackages provide very fine-grained control over every aspect: - myers: creates diffs using the Myers diff algorithm. - edit:...
FORCEDENTRY: Sandbox Escape
Posted by Ian Beer & Samuel Groß of Google Project Zero. We want to thank Citizen Lab for sharing a sample of the FORCEDENTRY exploit with us, and Apple’s Security Engineering and Architecture (SEAR) group for collaborating with us on the technical analysis. Any editorial opinions reflected below ar...
TwinOaks Computing CoreDX DDS Input Validation Error Vulnerability
TwinOaks Computing CoreDX DDS is a CoreDX DDS Data Distribution Service middleware. An input validation error vulnerability exists in TwinOaks Computing CoreDX DDS, which arises from the product's failure to efficiently handle incoming specialized data. An attacker could use this vulnerability to...
Deserialization of untrusted data
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version 4.14.0 before 4.17....