WordPress Abandoned Cart Lite For WooCommerce 5.14.2 Authentication Bypass

Entering the URL in browser will give you access to the respective users account. If the wordpress admin user himself...

Internet Bug Bounty: Use of Cryptographically Weak Pseudo-Random Number Generator in WebCrypto keygen

A weak randomness vulnerability existed in WebCrypto keygen in Node.js 18, due to a change in EntropySource in SecretKeyGenTraits::DoKeyGen in src/crypto/cryptokeygen.cc. The vulnerability allowed for the possibility of non-cryptographically strong random data being used as keying material...

Lone Wolf loadingDOCS Insecure Permissions

EZMAX SECURITY ADVISORY https://www.ezmax.ca/ Product: Loading Docs Vendor: Lone Wolf Technologies http://www.lwolf.com CVE ID: CVE-2018-15502 NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-15502 Subject: Insecure permissions allow remote attackers to download any confidential files via http...

Security Advisory - NTPd Security Vulnerability in Multiple Huawei Products

Huawei was notified about information released by NTP.org and CERT/CC regarding stack buffer overflow security vulnerabilities CVE-2014-9295 in NTP daemon ntpd on December 19th, 2014. Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary cod...

SOL14468 - Client-side component flaw CVE-2013-0150

Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. A fixed client component will automatically be downloaded the next time a client is authenticated to the APM or FirePass...