EUVD-2023-54354

Malicious code in bioql PyPI...

PT-2023-29172 · Mediavine · Mediavine Control Panel

Name of the Vulnerable Software and Affected Versions: Mediavine Mediavine Control Panel plugin versions = 2.10.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the use...

CVE-2021-26588

A potential security vulnerability has been identified in HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array firmware. An unauthenticated user could remotely exploit the low complexity issue to execute code as administrator. This vulnerability impacts completely the...

DEBIAN-CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of modhttp2 above "info" will mitigate this...

Local File Disclosure via Word Export in Confluence Server - CVE-2019-3394

Confluence Server and Data Center had a local file disclosure vulnerability in the page export function. A remote attacker who has Add Page space permission would be able to read arbitrary files in the /confluence/WEB-INF/ directory and it's subdirectories, which may contain configuration files...