Lucene search
+L

419 matches found

redhat
redhat
added 2024/04/29 11:38 a.m.3 views

buildah: full container escape at build time

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6CVSS6.9AI score0.0049EPSS
Exploits0References7
nvd
nvd
added 2024/04/18 9:15 a.m.16 views

CVE-2024-32599

Improper Control of Generation of Code 'Code Injection' vulnerability in Deepak anand WP Dummy Content Generator wp-dummy-content-generator.This issue affects WP Dummy Content Generator: from n/a through = 3.2.1...

10CVSS9.7AI score0.00701EPSS
Exploits0References2
cve
cve
added 2024/04/18 8:24 a.m.73 views

CVE-2024-32599

CVE-2024-32599 is an unauthenticated code injection vulnerability in the WordPress plugin WP Dummy Content Generator up to version 3.2.1. The issue is described as an Improper Control of Generation of Code, enabling arbitrary code execution. The CVSS scope is CHANGED with a base score of 10.0, ve...

10CVSS5.9AI score0.00701EPSS
Exploits0References2
cvelist
cvelist
added 2024/04/18 8:24 a.m.25 views

CVE-2024-32599 WordPress WP Dummy Content Generator plugin <= 3.2.1 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Deepak anand WP Dummy Content Generator wp-dummy-content-generator.This issue affects WP Dummy Content Generator: from n/a through = 3.2.1...

10CVSS9.8AI score0.00701EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/04/18 12:0 a.m.4 views

WordPress Plugin WP Dummy Content Generator 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in...

10CVSS7.4AI score0.00701EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/04/18 12:0 a.m.7 views

PT-2024-24721 · Deepak Anand · Wp Dummy Content Generator

Name of the Vulnerable Software and Affected Versions: WP Dummy Content Generator versions 3.2.1 and earlier Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability in Deepak anand WP Dummy Content Generator. Recommendations: For WP Dummy...

10CVSS6.6AI score0.00701EPSS
Exploits0References4
patchstack
patchstack
added 2024/04/16 3:49 p.m.4 views

WordPress WP Dummy Content Generator plugin <= 3.2.1 - Arbitrary Code Execution vulnerability

Arbitrary Code Execution vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin WP Dummy Content Generator versions = 3.2.1...

10CVSS7.3AI score0.00701EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2024/04/16 12:0 a.m.14 views

WordPress WP Dummy Content Generator Plugin <= 3.2.1 is vulnerable to Arbitrary Code Execution

Software WP Dummy Content Generator Type Plugin Vulnerable versions = 3.2.1 Fixed in 3.3.0 OWASP Top 10 A6: Vulnerable and Outdated Components Classification Arbitrary Code Execution CVE CVE-2024-32599 Patch priority Low CVSS severity Low 10 Developer Deepak Anand PSID 517305868c49 Credits...

10CVSS6.7AI score0.00701EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2024/04/02 12:0 a.m.18 views

PT-2024-21455 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the x86/efistub in the Linux kernel, where the .compat section, a dummy PE section containing the address of the 32-bit entrypoint of the 64-bit kernel image, i...

9.8CVSS6.4AI score0.02386EPSS
Exploits7References903
veracode
veracode
added 2024/03/27 6:48 a.m.25 views

Container Escape

github.com/containers/buildah is vulnerable to container escape. The vulnerability is due to improper Containerfile validation which allows a dummy image with a symbolic link to the host's root filesystem as a mount source. This flaw enabling the mount operation to incorporate the host root...

8.6CVSS7AI score0.0049EPSS
Exploits0References27Affected Software3
nvd
nvd
added 2024/03/26 9:15 a.m.15 views

CVE-2024-24805

Missing Authorization vulnerability in Deepak anand WP Dummy Content Generator.This issue affects WP Dummy Content Generator: from n/a through 3.1.2...

5.3CVSS4.7AI score0.00359EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/03/26 9:7 a.m.11 views

CVE-2024-24805 WordPress WP Dummy Content Generator plugin <= 3.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Deepak anand WP Dummy Content Generator.This issue affects WP Dummy Content Generator: from n/a through 3.1.2...

5.3CVSS8.6AI score0.00359EPSS
Exploits0References1
cve
cve
added 2024/03/26 9:7 a.m.81 views

CVE-2024-24805

CVE-2024-24805 : WordPress plugin WP Dummy Content Generator has a Broken Access Control/Missing Authorization vulnerability affecting versions ≤ 3.1.2. The issue allows unauthorized operations due to insufficient capability checks in wp_dummy_content_generatorDeletePosts() and wp_dummy_content_g...

5.3CVSS8.6AI score0.00359EPSS
Exploits0References1
cvelist
cvelist
added 2024/03/26 9:7 a.m.23 views

CVE-2024-24805 WordPress WP Dummy Content Generator plugin <= 3.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Deepak anand WP Dummy Content Generator.This issue affects WP Dummy Content Generator: from n/a through 3.1.2...

5.3CVSS5AI score0.00359EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/03/26 12:0 a.m.7 views

WordPress Plugin WP Dummy Content Generator 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

4.3CVSS8.7AI score0.00359EPSS
Exploits0References2
osv
osv
added 2024/03/18 3:15 p.m.4 views

UBUNTU-CVE-2024-1753

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6CVSS6.8AI score0.0049EPSS
Exploits0References6
wpvulndb
wpvulndb
added 2024/02/05 12:0 a.m.21 views

WP Dummy Content Generator < 3.1.3 - Missing Authorization

Description The WP Dummy Content Generator plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability check son the wpdummycontentgeneratorDeletePosts and wpdummycontentgeneratorAjaxGenPosts functions in versions up to, and including, 3.1.2. This makes it...

4CVSS6.4AI score0.00359EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2024/02/02 12:0 a.m.12 views

WordPress WP Dummy Content Generator Plugin <= 3.1.2 is vulnerable to Broken Access Control

Software WP Dummy Content Generator Type Plugin Vulnerable versions = 3.1.2 Fixed in 3.1.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-24805 Patch priority Low CVSS severity Low 4.3 Developer Deepak Anand PSID cb426eb88b79 Credits Huynh Tien Si Require...

4.3CVSS6.6AI score0.00359EPSS
Exploits0References2Affected Software1
veracode
veracode
added 2023/12/14 7:52 a.m.22 views

Improper Certificate Validation

jruby-openssl is vulnerable to Improper Certificate Validation. The vulnerability is due to incorrect hashing of certificate names in X509Name.java and insufficient checking of certificate path lengths in StoreContext.java. This allows an attacker to trick the client application into believing th...

7.5CVSS6.6AI score0.006EPSS
Exploits0References6Affected Software1
osv
osv
added 2023/07/10 4:15 p.m.1 views

CVE-2023-37392

Cross-Site Request Forgery CSRF vulnerability in Deepak Anand WP Dummy Content Generator plugin = 2.3.0 versions...

8.8CVSS7.3AI score0.00331EPSS
Exploits0References1
Rows per page
Query Builder