597 matches found
object-deep-assign Prototype Pollution
alexbinary object-deep-assign 1.0.11 is vulnerable to Prototype Pollution via the extend method of Module.deepAssign /src/index.js...
CVE-2024-36582
alexbinary object-deep-assign 1.0.11 is vulnerable to Prototype Pollution via the extend method of Module.deepAssign /src/index.js...
PT-2024-27081 · Alexbinary · Object-Deep-Assign
Name of the Vulnerable Software and Affected Versions: alexbinary object-deep-assign version 1.0.11 Description: The issue concerns a Prototype Pollution vulnerability via the extend method of Module.deepAssign, located in /src/index.js. Recommendations: For alexbinary object-deep-assign version...
object-deep-assign security vulnerability
object-deep-assign is a library by Alex Binary, an individual developer. A security vulnerability exists in object-deep-assign version 1.0.11, which stems from susceptibility to prototype pollution via extend in Module.deepAssign /src/index.js...
Fedora: Security Advisory for rust-uu_truncate (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the...
Fedora: Security Advisory for rust-uu_truncate (FEDORA-2024-ce2936b568)
The remote host is missing an update for the...
vantage6 collaboration admins can extend their influence by expanding the collaboration
Impact Collaboration administrators can add extra organizations to their collaboration. When doing that, they extend their influence: for instance, for organizations that they include, they can then create new users for which they know the passwords, and use that to read task results of other...
DEBIAN-CVE-2021-47365
In the Linux kernel, the following vulnerability has been resolved: afs: Fix page leak. There's a loop in afs_extend_writeback() that adds extra pages to a write we want to make to improve the efficiency of the writeback by making it larger. This loop stops, however, if we hit a page we can't write ba...
Extend Themes <= (Multiple Versions) - Cross-Site Request Forgery
Description Several Extend Themes themes for WordPress are vulnerable to Cross-Site Request Forgery in multiple versions. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged request granted they ca...
CVE-2024-34809
Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes EmpowerWP. This issue affects EmpowerWP: from n/a through 1.0.21...
CVE-2024-34809
CVE-2024-34809 is a CSRF vulnerability in EmpowerWP (Extend Themes EmpowerWP) affecting EmpowerWP versions up to 1.0.21. The related Red Hat and Wordfence entries confirm Cross-Site Request Forgery enabling notice dismissal. Patch status in the vulnerability record indicates EmpowerWP
CVE-2024-33782
MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the function OTExtensionWithMatrix::extend in /OT/OTExtensionWithMatrix.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message...
CVE-2024-33782
CVE-2024-33782 affects MP-SPDZ v0.3.8. The vulnerability is a stack overflow in OTExtensionWithMatrix::extend (location: /OT/OTExtensionWithMatrix.cpp) that can cause a Denial of Service via a crafted message. Public sources in the connected data confirm the vulnerable component and impact. There...
CVE-2024-33686
Missing Authorization vulnerability in Extend Themes Pathway, Extend Themes Hugo WP, Extend Themes Althea WP, Extend Themes Elevate WP, Extend Themes Brite, Extend Themes Colibri WP, Extend Themes Vertice. This issue affects Pathway: from n/a through 1.0.15; Hugo WP: from n/a through 1.0.8; Althea...
CVE-2024-33686
CVE-2024-33686 is a Missing Authorization vulnerability affecting multiple Extend Themes products (Pathway until 1.0.15; Hugo WP until 1.0.8; Althea WP until 1.0.13; Elevate WP until 1.0.15; Brite until 1.0.11; Colibri WP until 1.0.94; Vertice until 1.0.7). The CVE has a CVSSv3.1 base score of 4....
CVE-2024-33686 Broken Access Control vulnerability affecting multiple WordPress themes by Extend Themes
Missing Authorization vulnerability in Extend Themes Pathway, Extend Themes Hugo WP, Extend Themes Althea WP, Extend Themes Elevate WP, Extend Themes Brite, Extend Themes Colibri WP, Extend Themes Vertice. This issue affects Pathway: from n/a through 1.0.15; Hugo WP: from n/a through 1.0.8; Althea...
PT-2024-25441 · Extend Themes · Extend Themes Colibri Wp +6
Name of the Vulnerable Software and Affected Versions: Extend Themes Pathway versions 1.0.15 and earlier Extend Themes Hugo WP versions 1.0.8 and earlier Extend Themes Althea WP versions 1.0.13 and earlier Extend Themes Elevate WP versions 1.0.15 and earlier Extend Themes Brite versions 1.0.11 an...