23 matches found
CVE-2023-25038
Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For the visually impaired plugin <= 0.58 versions...
EUVD-2023-12694
Malicious code in bioql PyPI...
EUVD-2023-29017
Malicious code in bioql PyPI...
FreeBSD : Gitlab -- vulnerabilities (5683b3a7-683d-11f0-966e-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 5683b3a7-683d-11f0-966e-2cf05da270f3 advisory. Gitlab reports: Cross-site scripting issue impacts Kubernetes Proxy in GitLab CE/EE Cross-site...
We can try to bridge the cybersecurity skills gap, but that doesn’t necessarily mean more jobs for defenders
I have written about the dreaded "cybersecurity skills gap" more times than I can remember in this newsletter, but I feel like it's time to revisit this topic again. That's because the White House announced a new initiative last week for the U.S. government called the "Service for America"...
PUB-A-319099367
there is a possible persistent Denial of Service due to test/debugging code left in a production build. This could lead to local denial of service of impaired use of the device with no additional execution privileges needed. User interaction is not needed for exploitation...
Drupal core Denial of Service
A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are rebuilt...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For the visually impaired plugin <= 0.58 versions...
CVE-2023-25038
CVE-2023-25038 refers to a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin “For the visually impaired” (984.Ru) versions ≤ 0.58. The vulnerability status is supported by multiple feeds in Connected documents, including Red Hat and NVD entries, which describe CSRF exposure ...
CVE-2023-25038 WordPress For the visually impaired Plugin <= 0.58 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For the visually impaired plugin <= 0.58 versions...
WordPress plugin For the visually impaired cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
WordPress For the visually impaired Plugin <= 0.58 is vulnerable to Cross Site Request Forgery (CSRF)
Software: For the visually impaired; Type: Plugin; Vulnerable versions: <= 0.58; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-25038; Patch priority: Low; CVSS severity: Low (4.3); Developer: Claim ownership; PSID: 67466600775f; Credits: Rio Darmawan...
For the visually impaired <= 0.58 - Cross-Site Request Forgery (CSRF)
The plugin does not protect its vipluginsetupmenu function against CSRF attacks, allowing an unauthenticated attacker to update plugin settings by tricking a logged-in user into submitting a crafted request...
CVE-2022-2795
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service...
Unused WJLP can't be simply unwrapped
Handle: kenzo. Vulnerability details: WJLP can only be unwrapped from the Active Pool or Stability Pool. A user who decided to wrap his JLP, but not use all of them in a trove, wouldn't be able to just unwrap them. Impact: Impaired functionality for users. Would have to incur fees for simple...
Design/Logic Flaw
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active...
CVE-2016-8627
admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough...
Fedora Update for emacspeak FEDORA-2008-8423
Check for the Version of emacspeak. OpenVAS Vulnerability Test: Fedora Update for emacspeak FEDORA-2008-8423. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under th...