1226 matches found
CVE-2024-56170
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests are listings of relevant files that clients are supposed to verify. Assuming everything else is correct, the most recent version of a manifest should be prioritized over other versions, to prevent...
CVE-2024-56170
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests are listings of relevant files that clients are supposed to verify. Assuming everything else is correct, the most recent version of a manifest should be prioritized over other versions, to prevent...
CVE-2024-56170
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests are listings of relevant files that clients are supposed to verify. Assuming everything else is correct, the most recent version of a manifest should be prioritized over other versions, to prevent...
PT-2024-36729 · Fort +1 · Fort +1
Name of the Vulnerable Software and Affected Versions: Fort versions 1.6.4 and earlier, before 2.0.0 Description: A validation integrity issue was discovered in the product. RPKI manifests, which are listings of relevant files that clients are supposed to verify, contain the manifestNumber and...
CVE-2024-56170
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests are listings of relevant files that clients are supposed to verify. Assuming everything else is correct, the most recent version of a manifest should be prioritized over other versions, to prevent...
GO-2024-3330 Potential Vulnerabilities Due to Outdated golang.org/x/crypto Dependency in NanoProxy in github.com/ryanbekhen/nanoproxy
Potential Vulnerabilities Due to Outdated golang.org/x/crypto Dependency in NanoProxy in github.com/ryanbekhen/nanoproxy...
Potential Vulnerabilities Due to Outdated golang.org/x/crypto Dependency in NanoProxy
A security issue was identified in the NanoProxy project related to the golang.org/x/crypto dependency. The project was using an outdated version of this dependency, which potentially exposed the system to security vulnerabilities that have been addressed in subsequent updates. Impact: The specif...
GHSA-7PRJ-HGX4-2XC3 Potential Vulnerabilities Due to Outdated golang.org/x/crypto Dependency in NanoProxy
A security issue was identified in the NanoProxy project related to the golang.org/x/crypto dependency. The project was using an outdated version of this dependency, which potentially exposed the system to security vulnerabilities that have been addressed in subsequent updates. Impact: The specif...
PT-2024-11994 · Zendesk · Zendesk Support For Wordpress
Name of the Vulnerable Software and Affected Versions: Zendesk Support for WordPress versions 1.8.4 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions...
FreeBSD : qt6-webengine -- Multiple vulnerabilities (c2fd83e4-b450-11ef-b680-4ccc6adda413)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the c2fd83e4-b450-11ef-b680-4ccc6adda413 advisory. Qt qtwebengine-chromium repo reports: Backports for 5 security bugs in Chromium: Tenable has...
WordPress plugin The Plus Addons for Elementor Page Builder Lite 跨站脚本漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress plugin The Plus...
GHSA-M7XQ-9374-9RVX Mongoose search injection vulnerability
Mongoose versions prior to 8.8.3, 7.8.3, 6.13.5, and 5.13.23 are vulnerable to improper use of the $where operator. This vulnerability arises from the ability of the $where clause to execute arbitrary JavaScript code in MongoDB queries, potentially leading to code injection attacks and unauthoriz...
PT-2024-8801
Name of the Vulnerable Software and Affected Versions ProjectSend versions prior to r1720 Description The issue is related to an improper authentication vulnerability in ProjectSend, allowing remote, unauthenticated attackers to modify the application's configuration by sending crafted HTTP...
V8-FRESHNESS Outdated dependency on V8 found (see details)
Outdated dependency on V8 found see policy. Please update to the latest beta, stable, or extended stable versions...
PT-2024-41125 · Git · V8
Outdated dependency on V8 found see policy. Please update to the latest beta, stable, or extended stable versions...
CVE-2024-7295
In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...
CVE-2024-50202 nilfs2: propagate directory read errors from nilfs_find_entry()
In the Linux kernel, the following vulnerability has been resolved: nilfs2: propagate directory read errors from nilfsfindentry Syzbot reported that a task hang occurs in vcsopen during a fuzzing test for nilfs2. The root cause of this problem is that in nilfsfindentry, which searches for directo...
Svakom Siime Eye 安全漏洞
Svakom Siime Eye is a smart home device from Svakom USA. A security vulnerability exists in Svakom Siime Eye version 14.1.00000001.3.330.0.0.3.14, which stems from the root user's password being hashed using an outdated and deprecated hashing technique...
Fail to open the recorded session file using the old version Session Recording Player
"The recorded session file requires a newer version of the Session Recording Player for playback" error message was shown when opening the recorded session file. The error message was shown as below...
IBM Security Verify Access 32 Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Title: 32 vulnerabilities in IBM Security Verify Access Advisory URL: https://pierrekim.github.io/advisories/2024-ibm-security-verify-access.txt Blog URL:...