
4153 matches found

The Hacker News
added 2025/02/21 11:0 a.m. · 15 views

AI-Powered Deception is a Menace to Our Societies

Wherever there’s been conflict in the world, propaganda has never been far away. Travel back in time to 515 BC and read the Behistun Inscription, an autobiography by Persian King Darius that discusses his rise to power. More recently, see how different newspapers report on wars, where it’s said,...

6.9 AI score
Exploits 0
CNNVD
added 2025/02/10 12:0 a.m. · 4 views

ZOO-Project Cross-Site Scripting Vulnerability

ZOO-Project is an open source processing platform from ZOO-Project Open Source. A cross-site scripting vulnerability exists in ZOO-Project that stems from the EchoProcess service failing to perform proper security checks on SVG content when processing user input...

6.9 CVSS · 5.9 AI score · 0.00511 EPSS
Exploits 0 · References 4
Tenable Nessus
added 2025/02/10 12:0 a.m. · 8 views

Azure Linux 3.0 Security Update: kernel (CVE-2010-4563)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2010-4563 advisory. - The Linux kernel, when using IPv6, allows remote attackers to determine whether a host is sniffing the networ...

5 CVSS · 8.1 AI score · 0.02978 EPSS
Exploits 0 · References 2
RedhatCVE
added 2025/02/05 2:18 a.m. · 6 views

CVE-2024-24842

Deserialization of Untrusted Data vulnerability in Echo Plugins Knowledge Base for Documentation, FAQs with AI Assistance. This issue affects Knowledge Base for Documentation, FAQs with AI Assistance: from n/a through 11.30.2...

8.7 CVSS · 8.6 AI score · 0.00465 EPSS
Exploits 0 · References 1
OSSF Malicious Packages
added 2024/12/19 11:21 a.m. · 3 views

Malicious code in otc-echo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b0e38efe6cfc6243284d736f8569dc30c9f94b10388d60d4f0f323fbb84cf5c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0 · References 3
BDU FSTEC
added 2024/10/30 12:0 a.m. · 3 views

The vulnerability of the CIP Message Handler component in Rockwell Automation’s programmable logic controllers ControlLogix 5580, CompactLogix 5380, Compact GuardLogix 5380 SIL 2, Compact GuardLogix 5380 SIL 3, CompactLogix 5480, FactoryTalk Logix Echo allows an intruder to trigger a service failure.

The vulnerability of the CIP Message Handler component in Rockwell Automation’s programmable logic controllers ControlLogix 5580, CompactLogix 5380, Compact GuardLogix 5380 SIL 2, Compact GuardLogix 5380 SIL 3, CompactLogix 5480, and FactoryTalk Logix Echo is related to errors in processing input...

7.8 CVSS · 5.4 AI score · 0.00524 EPSS
Exploits 0 · References 5 · Affected Software 8
Veracode
added 2024/10/18 7:53 a.m. · 3 views

Network Policy Bypass

github.com/cilium/cilium is vulnerable to Network Policy Bypass. The vulnerability is due to the inherent design of ICMP traffic handling in conjunction with specific network policy settings in Cilium, allows ICMP Echo Requests to bypass intended restrictions...

7.1 AI score
Exploits 0
CNNVD
added 2024/10/14 12:0 a.m. · 3 views

Rockwell Automation Multiple Products Security Vulnerability

Rockwell Automation ControlLogix and others are products of Rockwell Automation, Inc. Rockwell Automation ControlLogix is a controller. Rockwell Automation GuardLogix is a series of controllers. Rockwell Automation CompactLogix is a series of controllers. A security...

8.7 CVSS · 6.6 AI score · 0.00524 EPSS
Exploits 0 · References 2
Patchstack
added 2024/10/01 2:3 p.m. · 2 views

WordPress Echo RSS Feed Post Generator plugin <= 5.4.6 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Tonn in WordPress Plugin Echo RSS Feed Post Generator Plugin for WordPress versions <= 5.4.6...

9.8 CVSS · 7 AI score · 0.00601 EPSS
Exploits 0 · References 1 · Affected Software 1
OSV
added 2024/10/01 9:15 a.m. · 2 views

CVE-2024-9265

The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. This is due to the plugin not properly restricting the roles that can be set during registration through the echo_check_post_header_sent function. This makes it possib...

9.8 CVSS · 5.8 AI score · 0.00601 EPSS
Exploits 0 · References 2
NVD
added 2024/10/01 9:15 a.m. · 12 views

CVE-2024-9265

The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. This is due to the plugin not properly restricting the roles that can be set during registration through the echo_check_post_header_sent function. This makes it possib...

9.8 CVSS · 0.00601 EPSS
Exploits 0 · References 2
CVE
added 2024/10/01 8:30 a.m. · 54 views

CVE-2024-9265

CVE-2024-9265 describes a privilege escalation in the WordPress plugin Echo RSS Feed Post Generator. The vulnerability arises because the plugin does not properly restrict which roles can be set during registration via the echo_check_post_header_sent() function, enabling unauthenticated attacker...

9.8 CVSS · 9.7 AI score · 0.00601 EPSS
Exploits 0 · References 2 · Affected Software 1
VulnCheck KEV
added 2024/10/01 12:0 a.m. · 1 views

VulnCheck KEV: CVE-2024-9265

The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. This is due to the plugin not properly restricting the roles that can be set during registration through the echo_check_post_header_sent function. This makes...

9.8 CVSS · 5.8 AI score · 0.00601 EPSS
Exploits 0 · References 1
Patchstack
added 2024/10/01 12:0 a.m. · 11 views

WordPress Echo RSS Feed Post Generator Plugin for WordPress Plugin <= 5.4.6 is vulnerable to Privilege Escalation

Software: Echo RSS Feed Post Generator Plugin for WordPress · Type: Plugin · Vulnerable versions: <= 5.4.6 · Fixed in: 5.4.7 · OWASP Top 10: A4: Insecure Design · Classification: Privilege Escalation · CVE: CVE-2024-9265 · Patch priority: High · CVSS severity: High 9.8 · Developer: Claim ownership · PSID: 2e4345a54622 · Credits...

9.8 CVSS · 6.5 AI score · 0.00601 EPSS
Exploits 0 · References 2 · Affected Software 1
Tenable Nessus
added 2024/09/21 12:0 a.m. · 14 views

FreeBSD : FreeBSD -- pf incorrectly matches different ICMPv6 states in the state table (f140cff0-771a-11ef-9a62-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f140cff0-771a-11ef-9a62-002590c1f29c advisory. In ICMPv6 Neighbor Discovery (ND), the ID is always 0. When pf is configured to allow ND and block incomi...

6.3 CVSS · 5.7 AI score · 0.00462 EPSS
Exploits 0 · References 3
OSV
added 2024/09/18 2:15 p.m. · 1 views

CVE-2024-31168

Out-of-bounds Read vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::EchoCommon::unpack. This issue affects libfluid: 0.1.0...

7.5 CVSS · 5.8 AI score · 0.00466 EPSS
Exploits 0 · References 1
VulnCheck KEV
added 2024/09/10 12:0 a.m. · 1 views

VulnCheck KEV: CVE-2023-38817

An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echodriver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...

7.8 CVSS · 5.9 AI score · 0.00456 EPSS
Exploits 1 · References 1
CNNVD
added 2024/09/10 12:0 a.m. · 4 views

Endress+Hauser Echo Curve Viewer Code Injection Vulnerability

Endress+Hauser Echo Curve Viewer is an echo curve viewer from Endress+Hauser, Switzerland. A code injection vulnerability exists in Endress+Hauser Echo Curve Viewer version 5.2.2.6 and prior versions, which originates from the fact that an unauthenticated, remote attacker can run malicious C code...

9.8 CVSS · 7.8 AI score · 0.00791 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/09/10 12:0 a.m. · 3 views

PT-2024-37745 · Endress+Hauser · Fieldcare +1

Name of the Vulnerable Software and Affected Versions: Endress+Hauser products, including Echo Curve Viewer and FieldCare software (affected versions not specified). Description: An unauthenticated remote attacker can run malicious C code included in curve files and execute commands in the user's...

9.8 CVSS · 8.3 AI score · 0.00791 EPSS
Exploits 0 · References 14
OSV
added 2024/08/21 2:30 p.m. · 4 views

GO-2022-0393 Network policy may be bypassed by some ICMP Echo Requests in github.com/cilium/cilium

Network policy may be bypassed by some ICMP Echo Requests in github.com/cilium/cilium...

7.1 AI score
Exploits 0 · References 1