1081 matches found

vulnersOsv
added 2024/11/08 6:49 p.m. · 2 views

ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=3.4.0 <=7.4.5), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.7.7 <=7.4.5) +181 more potentially affected by CVE-2024-52007 via ca.uhn.hapi.fhir:org.hl7.fhir.r4b (>=5.6.22 <=6.3.9)

ca.uhn.hapi.fhir:org.hl7.fhir.r4b MAVEN version =5.6.22, =3.4.0, =5.7.7, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =6.2.0, =6.8.0, =6.4.0, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =5.7.7, =6.8.0 and more Source cves: CVE-2024-52007 Source advisory: OSV:GHSA-GR3C-Q7XF-47VH...

CVSS 8.6 · AI score 7.5 · EPSS 0.00918
Exploits 0

NVD
added 2024/11/04 9:15 p.m. · 9 views

CVE-2024-48463

Bruno before 1.29.1 uses Electron shell.openExternal without validation of http or https for opening windows within the Markdown docs viewer...

CVSS 6.5 · EPSS 0.00623
Exploits 3 · References 5

CVE
added 2024/11/04 12:0 a.m. · 62 views

CVE-2024-48463

Bruno IDE Desktop prior to version 1.29.1 exposes a vulnerability where Electron’s shell.openExternal is used to open URLs in the Markdown docs viewer without validating http/https. This can lead to untrusted URL handling and, per the connected reports, potential remote code execution on systems ...

CVSS 6.5 · AI score 6.7 · EPSS 0.00623
Exploits 3 · References 5 · Affected Software 1

Vulnrichment
added 2024/11/04 12:0 a.m. · 11 views

CVE-2024-48463

Bruno before 1.29.1 uses Electron shell.openExternal without validation of http or https for opening windows within the Markdown docs viewer...

AI score 7 · EPSS 0.00623
Exploits 3 · References 4

Cvelist
added 2024/11/04 12:0 a.m. · 13 views

CVE-2024-48463

Bruno before 1.29.1 uses Electron shell.openExternal without validation of http or https for opening windows within the Markdown docs viewer...

EPSS 0.00623
Exploits 3 · References 4

OSSF Malicious Packages
added 2024/11/02 5:30 p.m. · 3 views

Malicious code in rentez-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d38f5182bdac1a9d1dc8a7edd04bf4887e39416ac443361fbe2b4de7341c0360 The OpenSSF Package Analysis project identified 'rentez-docs' @ 6.6.6 npm as malicious. It is considered malicious because: - The package...

AI score 7.1
Exploits 0

OSV
added 2024/10/29 11:15 a.m. · 3 views

CVE-2024-49672

Cross-Site Request Forgery (CSRF) vulnerability in Gifford Cheung, Brian Watanabe, Chongsun Ahn Google Docs RSVP allows Stored XSS. This issue affects Google Docs RSVP: from n/a through 2.0.1...

CVSS 6.1 · AI score 5.8
Exploits 0 · References 1

NVD
added 2024/10/29 11:15 a.m. · 13 views

CVE-2024-49672

Cross-Site Request Forgery (CSRF) vulnerability in giffordcheung Google Docs RSVP google-docs-rsvp-guestlist allows Stored XSS. This issue affects Google Docs RSVP: from n/a through <= 2.0.1...

CVSS 7.1 · EPSS 0.00166
Exploits 0 · References 1

Cvelist
added 2024/10/29 11:4 a.m. · 13 views

CVE-2024-49672 WordPress Google Docs RSVP plugin <= 2.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in giffordcheung Google Docs RSVP google-docs-rsvp-guestlist allows Stored XSS. This issue affects Google Docs RSVP: from n/a through <= 2.0.1...

CVSS 7.1 · EPSS 0.00166
Exploits 0 · References 1

Vulnrichment
added 2024/10/29 11:4 a.m. · 12 views

CVE-2024-49672 WordPress Google Docs RSVP plugin <= 2.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in giffordcheung Google Docs RSVP google-docs-rsvp-guestlist allows Stored XSS. This issue affects Google Docs RSVP: from n/a through <= 2.0.1...

CVSS 7.1 · AI score 5.9 · EPSS 0.00166
Exploits 0 · References 1

CVE
added 2024/10/29 11:4 a.m. · 55 views

CVE-2024-49672

CVE-2024-49672 concerns the Google Docs RSVP WordPress plugin (versions n/a through 2.0.1). The entry documents a CSRF that enables Stored Cross-Site Scripting (XSS) in affected installs. Public details across connected sources consistently describe the issue as a CSRF to stored XSS vulnerability...

CVSS 7.1 · AI score 5.9 · EPSS 0.00166
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2024/10/29 12:0 a.m. · 2 views

WordPress plugin Google Docs RSVP cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request...

CVSS 7.1 · AI score 6.6 · EPSS 0.00166
Exploits 0 · References 1

Positive Technologies
added 2024/10/29 12:0 a.m. · 2 views

PT-2024-33624 · Google · Google Docs Rsvp

Name of the Vulnerable Software and Affected Versions: Google Docs RSVP versions n/a through 2.0.1. Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability and Stored XSS in Google Docs RSVP. Recommendations: For versions n/a through 2.0.1, update to a version that...

CVSS 7.1 · AI score 5.8 · EPSS 0.00166
Exploits 0 · References 6

OSSF Malicious Packages
added 2024/10/28 5:49 a.m. · 4 views

Malicious code in tds-styled-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e6fd1f1a79e054904c1996f83eaebf071439a273c6c1eb478e4f6c2fed1a2b58 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits 0 · References 1

OSV
added 2024/10/28 5:49 a.m. · 3 views

MAL-2024-10254 Malicious code in tds-styled-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e6fd1f1a79e054904c1996f83eaebf071439a273c6c1eb478e4f6c2fed1a2b58 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0 · References 1

Wired Threat Level
added 2024/10/26 10:30 a.m. · 11 views

Chinese Hackers Target Trump Campaign via Verizon Breach

Plus: Apple offers $1 million to hack its AI cloud infrastructure, Iranian hackers successfully peddle stolen Trump campaign docs, Russia hacks the nation of Georgia, and a “cyberattack” that wasn’t...

AI score 6.9
Exploits 0

OSV
added 2024/10/22 5:59 a.m. · 4 views

MAL-2024-9455 Malicious code in csm-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 64d16c1d6eb0822be5e65caced92f56b1f6160e2fafc6343c11694ce4eca80c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0 · References 1

OSSF Malicious Packages
added 2024/10/22 5:59 a.m. · 5 views

Malicious code in csm-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 64d16c1d6eb0822be5e65caced92f56b1f6160e2fafc6343c11694ce4eca80c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits 0 · References 1

Spring Security Advisories
added 2024/10/22 12:0 a.m. · 21 views

This Week in Spring - October 22nd, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring. I write this to you in an Uber speeding down the autobahn near Frankfurt, Germany. What a time to be alive! At the rate this driver's going, I won't have much time to write this before we've arrived, so let's dive right into...

CVSS 7.5 · AI score 6.8 · EPSS 0.54862
Exploits 7

Patchstack
added 2024/10/21 9:1 a.m. · 2 views

WordPress Google Docs RSVP plugin <= 2.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

CSRF to Stored Cross Site Scripting (XSS) vulnerability discovered by SOPROBRO (Patchstack Alliance) in WordPress Plugin Google Docs RSVP (versions <= 2.0.1)...

CVSS 7.1 · AI score 5.9 · EPSS 0.00166
Exploits 0 · Affected Software 1