196 matches found
Malicious code in co-in-mas-ter-free-spins-trhgrfr (npm)
The package co-in-mas-ter-free-spins-trhgrfr was found to contain malicious code...
MAL-2025-43837 Malicious code in co-in-mas-ter-free-spins-rthrtg (npm)
The package co-in-mas-ter-free-spins-rthrtg was found to contain malicious code...
MAL-2025-46647 Malicious code in working-april-co-in-mas-ter-free-spins-rthrtg (npm)
The package working-april-co-in-mas-ter-free-spins-rthrtg was found to contain malicious code...
CVE-2024-49233
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MadrasThemes MAS Elementor mas-addons-for-elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through = 1.1.6...
CVE-2024-8483
The MAS Static Content plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.8 via the staticcontent function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract potentially sensitive information...
CVE-2024-27461
Incorrect default permissions in software installer for IntelR MAS GUI may allow an authenticated user to potentially enable denial of service via local access...
CVE-2023-36490
Improper initialization in some IntelR MAS software before version 2.3 may allow an authenticated user to potentially enable denial of service via local access...
Security Bulletin: There is a vulnerability in IBM Maximo Manage application that could allow an unauthenticated path-traversal leading to an arbitrary file disclosure (CVE-2024-22328)
Summary There is a vulnerability in IBM Maximo Manage application that could allow an unauthenticated path-traversal leading to an arbitrary file disclosure. Vulnerability Details CVEID:CVE-2024-22328 DESCRIPTION: IBM Maximo Application Suite 8.10 and 8.11 could allow a remote attacker to travers...
Security Bulletin: IBM Maximo Asset Management - A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2024-22354)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera, and...
PT-2025-2205 · WordPress · Mailup Auto Subscription
Name of the Vulnerable Software and Affected Versions: MailUp Auto Subscription plugin for WordPress version 1.1.0 and earlier Description: The issue is due to missing or incorrect nonce validation on the mas options function, making it possible for unauthenticated attackers to update settings an...
CVE-2024-12328
The MAS Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, ...
CVE-2024-12328
CVE-2024-12328 affects MAS Elementor for WordPress. The flaw is Stored XSS via SVG uploads in all versions up to 1.1.7, exploitable by authenticated attackers with Author+ privileges to inject scripts that run when a user views the SVG. Connected sources indicate Patch Status: Patched; ongoing gu...
CVE-2024-12328 MAS Elementor <= 1.1.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG
The MAS Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, ...
CVE-2024-12328 MAS Elementor <= 1.1.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG
The MAS Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, ...
WordPress plugin MAS Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-34164
Uncontrolled search path element in some IntelR MAS software before version 2.5 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2024-34164
Intel MAS software before version 2.5 contains an Uncontrolled search path element that may allow an authenticated local user to escalate privileges. Affected product: Intel® MAS software prior to 2.5. Root cause: improper handling of search paths. Impact: local privilege escalation with high imp...
CVE-2024-34164
Uncontrolled search path element in some IntelR MAS software before version 2.5 may allow an authenticated user to potentially enable escalation of privilege via local access...
Intel® MAS Software Advisory
Summary: A potential security vulnerability in some Intel® Memory and Storage Tool Intel® MAS software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-34164 Description: Uncontrolled search pat...
CVE-2024-49233
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MadrasThemes MAS Elementor mas-addons-for-elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through = 1.1.6...