
8316 matches found

GithubExploit
added 2024/12/14 2:6 p.m., 435 views

Exploit for Path Traversal in Grafana

Automated Exploit Tool for Grafana CVE-2021-43798...

CVSS 7.5, AI score 7.8, EPSS 0.88849
Exploits: 44
Tenable Nessus
added 2024/12/14 12:0 a.m., 12 views

Debian dsa-5831 : gir1.2-gst-plugins-base-1.0 - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5831 advisory. Debian Security Advisory DSA-5831-1 [email protected] https://www.debian.org/securit...

CVSS 9.8, AI score 7.5, EPSS 0.01298
Exploits: 1, References: 14
OPENSUSE Linux
added 2024/12/14 12:0 a.m., 4 views

gstreamer-plugins-good-1.24.10-2.1 on GA media (moderate)

gstreamer-plugins-good-1.24.10-2.1 on GA media Announcement ID: openSUSE-SU-2024:14578-1 Rating: moderate Cross-References: CVE-2024-47530 CVE-2024-47537 CVE-2024-47598 CVE-2024-47599 CVE-2024-47601 CVE-2024-47606 CVE-2024-47613 CVE-2024-47774 CVE-2024-47775 CVSS scores: CVE-2024-47537 SUSE : 7.8...

CVSS 7.8, AI score 9.2, EPSS 0.01344
Exploits: 1
OSV
added 2024/12/13 3:15 p.m., 2 views

CVE-2023-36681

Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.6.2...

CVSS 9.8, AI score 5.8, EPSS 0.00719
Exploits: 0, References: 1
ATTACKERKB
added 2024/12/13 3:15 p.m., 7 views

CVE-2023-32593

Missing Authorization vulnerability in GS Plugins GS Pins for Pinterest gs-pinterest-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GS Pins for Pinterest: from n/a through = 1.6.7...

CVSS 5.4, AI score 5.8, EPSS 0.00424
Exploits: 0, References: 3
CVE
added 2024/12/13 2:23 p.m., 45 views

CVE-2023-36681

The CVE-2023-36681 entry concerns the WordPress plugin Cryptocurrency Widgets – Price Ticker & Coins List (versions

CVSS 9.8, AI score 8.6, EPSS 0.00719
Exploits: 0, References: 1, Affected Software: 1
OSV
added 2024/12/13 11:15 a.m., 3 views

CVE-2024-52059

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow', Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional Security Plugins allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from...

CVSS 7.8, AI score 5.8, EPSS 0.00166
Exploits: 0, References: 1
NVD
added 2024/12/13 11:15 a.m., 16 views

CVE-2024-52059

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow', Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional Security Plugins allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from...

CVSS 7.8, EPSS 0.00166
Exploits: 0, References: 1
CVE
added 2024/12/13 10:18 a.m., 47 views

CVE-2024-52059

RTI Connext Professional (Security Plugins) contains a classic buffer overflow in a Buffer Copy without Checking Size of Input. Affected versions: 6.1.0–6.1.2.16 and 7.0.0–7.3.0.1. Root cause is a classic buffer overflow that can overflow variables and tags. Mitigation: upgrade to 6.1.2.17 or late...

CVSS 7.8, AI score 6.6, EPSS 0.00166
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2024/12/13 10:18 a.m., 19 views

CVE-2024-52059 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow', Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional Security Plugins allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from...

CVSS 6.9, EPSS 0.00166
Exploits: 0, References: 1
Vulnrichment
added 2024/12/13 10:18 a.m., 6 views

CVE-2024-52059 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow', Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional Security Plugins allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from...

CVSS 6.9, AI score 6.6, EPSS 0.00166
Exploits: 0, References: 1
Positive Technologies
added 2024/12/13 12:0 a.m., 5 views

PT-2024-35109 · Real Time Innovations · Rti Connext Professional

Name of the Vulnerable Software and Affected Versions: RTI Connext Professional versions 6.1.0 through 6.1.2.16 RTI Connext Professional versions 7.0.0 through 7.3.0.1 Description: The issue is a Buffer Copy without Checking Size of Input, also known as a 'Classic Buffer Overflow', in RTI Connext...

CVSS 6.9, AI score 7.4, EPSS 0.00166
Exploits: 0, References: 6
OSV
added 2024/12/13 12:0 a.m., 8 views

OPENSUSE-SU-2024:14577-1 gstreamer-plugins-base-1.24.10-2.1 on GA media

These are all security issues fixed in the gstreamer-plugins-base-1.24.10-2.1 package on the GA media of openSUSE Tumbleweed...

CVSS 9.8, AI score 7.1, EPSS 0.01237
Exploits: 1, References: 6
OSV
added 2024/12/13 12:0 a.m., 11 views

OPENSUSE-SU-2024:14578-1 gstreamer-plugins-good-1.24.10-2.1 on GA media

These are all security issues fixed in the gstreamer-plugins-good-1.24.10-2.1 package on the GA media of openSUSE Tumbleweed...

CVSS 9.8, AI score 9.7, EPSS 0.01344
Exploits: 1, References: 10
NVD
added 2024/12/12 8:15 p.m., 14 views

CVE-2024-55886

OpenSearch Data Prepper is a component of the OpenSearch project that accepts, filters, transforms, enriches, and routes data at scale. A vulnerability exists in the OpenTelemetry Logs source in Data Prepper starting in version 2.1.0 and prior to version 2.10.2 where some custom authentication...

CVSS 6.9, EPSS 0.00306
Exploits: 0, References: 1
Cvelist
added 2024/12/12 7:25 p.m., 21 views

CVE-2024-55886 OpenTelemetry Logs source may lack authentication with some custom plugins

OpenSearch Data Prepper is a component of the OpenSearch project that accepts, filters, transforms, enriches, and routes data at scale. A vulnerability exists in the OpenTelemetry Logs source in Data Prepper starting in version 2.1.0 and prior to version 2.10.2 where some custom authentication...

CVSS 6.9, EPSS 0.00306
Exploits: 0, References: 1
CVE
added 2024/12/12 7:25 p.m., 46 views

CVE-2024-55886

The CVE affects OpenSearch Data Prepper (OpenTelemetry Logs source) where custom GrpcAuthenticationProvider plugins that implement getHttpAuthenticationService() instead of getAuthenticationInterceptor() fail to perform authentication, allowing unauthorized data ingestion. Affected versions: 2.1....

CVSS 6.9, AI score 6.7, EPSS 0.00306
Exploits: 0, References: 1, Affected Software: 1
Vulnrichment
added 2024/12/12 7:25 p.m., 7 views

CVE-2024-55886 OpenTelemetry Logs source may lack authentication with some custom plugins

OpenSearch Data Prepper is a component of the OpenSearch project that accepts, filters, transforms, enriches, and routes data at scale. A vulnerability exists in the OpenTelemetry Logs source in Data Prepper starting in version 2.1.0 and prior to version 2.10.2 where some custom authentication...

CVSS 6.9, AI score 6.9, EPSS 0.00306
Exploits: 0, References: 1
The Hacker News
added 2024/12/12 9:18 a.m., 20 views

WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins

Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a variety of attacks. The flaw, tracked as CVE-2024-11972 (CVSS score: 9.8), affects all versions of the plugin prior to 1.9.0. The...

CVSS 10, AI score 9.6, EPSS 0.54754
Exploits: 11
OSV
added 2024/12/12 2:3 a.m., 4 views

AZL-54350 CVE-2024-47835 affecting package gstreamer1-plugins-base 1.20.0-3

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parselrc function within gstsubparse.c. The parselrc function calls strchr to find the character '' in the string line. The pointer returned by this call ...

CVSS 7.5, AI score 6.6, EPSS 0.01016
Exploits: 0, References: 1