1404 matches found
autoxx (>=0.0.11 <=0.0.13), vuln-demo-math-ops (=1.0.0) potentially affected by CVE-2024-6091 via agpt (=0.2.2)
agpt PYPI version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on agpt and may be impacted: - autoxx =0.0.11, =0.0.13 - vuln-demo-math-ops =1.0.0 Source cves: CVE-2024-6091 Source advisory: OSV:GHSA-G84Q-54HF-36RG...
In Go before 1.15.13 and 1.16.x before 1.16.5 there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method.
...
cauuu (>=0.1.0 <=0.1.1), cosmwasm-simulate (>=0.13.2 <=0.13.6) +10 more potentially affected by unknown CVE via cosmwasm-vm (>=0.10.1 <=0.9.4)
cosmwasm-vm CARGO version =0.10.1, =0.1.0, =0.13.2, =0.4.0, =0.4.0, =0.2.0, =0.4.0, =0.2.0, =0.2.1, =0.1.12, =0.1.13 - terra-math =0.0.0 - terraswap =1.0.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0366...
CVE-2024-43404 Remote Code Execution Vulnerability in MEGABOT
MEGABOT is a fully customized Discord bot for learning and fun. The /math command and functionality of MEGABOT versions 1.5.0 contains a remote code execution vulnerability due to a Python eval. The vulnerability allows an attacker to inject Python code into the expression parameter when using...
PT-2024-30562 · Megabot +1 · Megabot +1
Name of the Vulnerable Software and Affected Versions: MEGABOT versions prior to 1.5.0 Description: The /math command in MEGABOT contains a remote code execution issue due to a Python eval function. This allows an attacker to inject Python code into the expression parameter when using /math in an...
CVE-2024-21766
Uncontrolled search path for some Intel® oneAPI Math Kernel Library software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2024-21766
CVE-2024-21766 involves an uncontrolled search path in Intel® oneAPI Math Kernel Library (MKL) software before version 2024.1, which may allow an authenticated local user to escalate privileges. Connected sources confirm affected products: Intel® oneAPI MKL and Intel® oneAPI Base Toolkit prior to...
PT-2024-19044 · Intel · Intel Oneapi Math Kernel Library
Name of the Vulnerable Software and Affected Versions: Intel® oneAPI Math Kernel Library versions prior to 2024.1 Description: The issue is related to an uncontrolled search path in some Intel® oneAPI Math Kernel Library software. This may allow an authenticated user to potentially enable...
RHEL 7 : etcd (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - golang: net: lookup functions may return invalid host names CVE-2021-33195 - In Go before 1.15.13 and...
WordPress Rank Math SEO plugin < 1.0.219 - Authenticated Stored XSS vulnerability
Authenticated Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Rank Math SEO versions 1.0.219...
CVE-2024-4627
The Rank Math SEO WordPress plugin before 1.0.219 does not sanitise and escape some of its settings, which could allow users with access to the General Settings (by default admin, however such access can be given to lower roles via the Role Manager feature of the Rank Math SEO WordPress plugin...
CVE-2024-4627 Rank Math SEO < 1.0.219 - Authenticated Stored XSS
The Rank Math SEO WordPress plugin before 1.0.219 does not sanitise and escape some of its settings, which could allow users with access to the General Settings (by default admin, however such access can be given to lower roles via the Role Manager feature of the Rank Math SEO WordPress plugin...
CVE-2024-4627
CVE-2024-4627 affects Rank Math SEO for WordPress prior to 1.0.219. It is an authenticated Stored XSS due to insufficient sanitisation/escaping of settings, exploitable by users with access to General Settings (admin by default, but grantable via Role Manager in
WordPress Plugin Rank Math SEO Security Vulnerability
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. Rank Math SEO is a search engine optimization (SEO) plugin used in...
WordPress Rank Math SEO Plugin < 1.0.219 is vulnerable to Cross Site Scripting (XSS)
Software: Rank Math SEO; Type: Plugin; Vulnerable versions: 1.0.219; Fixed in: 1.0.219; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-4627; Patch priority: Low; CVSS severity: Low (5.9); Developer: Claim ownership; PSID: ad021b2fbe4b; Credits: Dmitrii Ignatyev; Require...