200 matches found
Amazon Linux 2 : docker (ALASECS-2024-041)
The version of docker installed on the remote host is prior to 25.0.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2024-041 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read man...
WordPress plugin Request a Quote 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
Fortinet FortiExtender 访问控制错误漏洞
Fortinet FortiExtender is a wireless WAN wide area network extender device from Fortinet. An Access Control Error vulnerability exists in Fortinet FortiExtender, which stems from the presence of improper access control and can be exploited by an attacker to create a user with elevated privileges...
UBUNTU-CVE-2024-38081
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability...
WordPress Plugin EazyDocs Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress Plugin Video Widget Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...
WordPress plugin Gianism 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin Pet Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
Veeam Backup Enterprise Manager 安全漏洞
Veeam Backup Enterprise Manager is a centralized management and monitoring tool from Veeam USA. A security vulnerability exists in Veeam Backup Enterprise Manager that originates from allowing an elevated privilege user to read backup session logs...
WordPress Plugin Survey Maker 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
SolarWinds Serv-U FTP Server 日志信息泄露漏洞
SolarWinds Serv-U FTP Server is a suite of FTP and MFT file transfer software from the U.S. company SolarWinds. A log information disclosure vulnerability exists in SolarWinds Serv-U FTP Server 15.4.2 and earlier versions, which stems from log file path labels that are not properly cleaned up,...
CVE-2024-22437
A potential security vulnerability has been identified in VSS Provider and CAPI Proxy software for certain HPE MSA storage products. This vulnerability could be exploited to gain elevated privilege on the system...
CVE-2024-22437
CVE-2024-22437 affects HPE MSA SAN Storage VSS Provider and CAPI Proxy software. Vulnerability allows elevation of privilege on affected MSA storage products via a local attack with low privileges and required user interaction. Impact is reported as high for confidentiality, integrity, and availa...
WordPress Plugin Everest Backup 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
SAP Asset Accounting 安全漏洞
SAP Asset Accounting is an asset accounting program from SAP, Germany. It is used to manage and monitor fixed assets. A security vulnerability exists in SAP Asset Accounting that stems from allowing an elevated-privilege attacker to exploit insufficient authentication of user-supplied path...
SUSE SLES15 Security Update : docker (SUSE-SU-2024:0586-2)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0586-2 advisory. Vendor latest buildkit v0.11 including bugfixes for the following: CVE-2024-23653: BuildKit API doesn't validate entitlement on...
CVE-2024-23653
CVE-2024-23653 involves BuildKit allowing a container with elevated privileges via interactive APIs unless entitlement checks are enforced. Description notes that privileged containers are normally gated by security.insecure entitlement and user authorization, and that the issue has been fixed in...
WordPress plugin Wp-Adv-Quiz security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability in the WordPress...
WordPress plugin EventON security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress Plugin User Registration Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...