Astra Linux - уязвимость в shadow

A vulnerability was discovered in Shadow 4.5. The newgidmap function part of shadow-utils is setuid, allowing an unprivileged user to be placed in a user namespace where setgroups2 is allowed. This enables an attacker to remove themselves from a supplementary group, potentially granting them acce...

CVE-2022-2034

The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers...

WordPress plugin Contact Form 7 – Dynamic Text Extension 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability exist...

CVE-2024-31259

Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.5...

PT-2022-23109 · WordPress · The Image Hover Effects Css3 Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The Image Hover Effects Css3 WordPress plugin versions 4.5 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed,...

Web Port 授权问题漏洞

Web Port is a web-based SCADA data acquisition and monitoring system and HMI human machine interface system. A security vulnerability exists in Cynet 360 Web Portal versions prior to v4.5, which stems from a vulnerability that allows an attacker to access a list of excluded files and configuratio...

Reliability Rollup for Microsoft .NET Framework 4.5.2 and 4.6 on Vista and Server 2008 (KB3179949)

Reliability Rollup for Microsoft .NET Framework 4.5.2 and 4.6 on Vista and Server 2008 KB3179949...