608 matches found
CVE-2024-9146 WordPress CSS JS Files plugin <= 1.5.0 - Directory Traversal to File Read vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in jamesdlow CSS JS Files css-js-files allows Path Traversal.This issue affects CSS JS Files: from n/a through = 1.5.0...
CVE-2024-9146 WordPress CSS JS Files plugin <= 1.5.0 - Directory Traversal to File Read vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in jamesdlow CSS JS Files css-js-files allows Path Traversal.This issue affects CSS JS Files: from n/a through = 1.5.0...
[SECURITY] Fedora 40 Update: mingw-expat-2.6.3-1.fc40
This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...
[SECURITY] Fedora 39 Update: mingw-expat-2.6.3-1.fc39
This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...
[SECURITY] Fedora 40 Update: expat-2.6.3-1.fc40
This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...
Drupal Paragraphs table module < 1.23.0,2.0.0-2.0.1 - Authenticated Multiple Vulnerabilities
Authenticated Multiple Vulnerabilities discovered by James Williams in WordPress Module Paragraphs table versions 1.23.0,2.0.0-2.0.1...
Log4Shell HTTP Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Log4Shell HTTP Scanner', 'Description' = %q Versions of Apache Log4j2 impacted by CVE-2021-44228 which allow JNDI features used in configuration,...
CVE-2024-43915
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Dylan James Zephyr Project Manager allows Reflected XSS.This issue affects Zephyr Project Manager: from n/a through .3.102...
CVE-2024-43916
Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.102...
CVE-2024-43915
CVE-2024-43915 affects the Zephyr Project Manager WordPress plugin (versions up to 3.3.102). The issue is a Reflected Cross-Site Scripting (XSS) vulnerability arising from improper input neutralization during page generation. Public documentation from Patchstack cites vulnerable versions
CVE-2024-43916 WordPress Zephyr Project Manager plugin <= 3.3.102 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.102...
CVE-2024-43916
CVE-2024-43916 : Zephyr Project Manager WordPress plugin vulnerable to an Authorization Bypass Through User-Controlled Key (IDOR). Affects Zephyr Project Manager versions
CVE-2024-43322
Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.100...
CVE-2024-43322
Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.100...
CVE-2024-38761
CVE-2024-38761 is a vulnerability in the WordPress Zephyr Project Manager plugin, affecting Zephyr Project Manager versions n/a through 3.3.99 (i.e.,
CVE-2024-38761 WordPress Zephyr Project Manager plugin <= 3.3.99 - Sensitive Data Exposure via Export File vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.99...
Ubuntu 24.04 LTS : provd vulnerability (USN-6912-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6912-1 advisory. James Henstridge discovered that provd incorrectly handled environment variables. A local attacker could possibly use this issue to run arbitrary programs and...
Oracle Primavera Unifier (Jul 2024 CPU)
The versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Integration Apache James MIME4J. Supported versio...
CVE-2024-37484 WordPress Zephyr Project Manager plugin <= 3.3.97 - Privilege Escalation vulnerability
Improper Privilege Management vulnerability in Dylan James Zephyr Project Manager allows Privilege Escalation.This issue affects Zephyr Project Manager: from n/a through 3.3.97...
James Bamford on Section 702 Extension
Longtime NSA-watcher James Bamford has a long article on the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act FISA...