Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-2785)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-3978 affecting package cni-plugins for versions less than 1.3.0-6

CVE-2023-3978 affecting package cni-plugins for versions less than 1.3.0-6. A patched version of the package is available...

CVE-2024-47311

Missing Authorization vulnerability in Kraft Plugins Wheel of Life wheel-of-life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through = 1.1.8...

CVE-2024-47311 WordPress Wheel of Life plugin <= 1.1.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Kraft Plugins Wheel of Life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through 1.1.8...

CVE-2024-47311

CVE-2024-47311 relates to a Broken Access Control/missing authorization vulnerability in WordPress plugin Wheel of Life. Affected versions are

VulnCheck KEV: CVE-2023-23897

Cross-Site Request Forgery CSRF vulnerability in Ozette Plugins Simple Mobile URL Redirect plugin = 1.7.2 versions...

WordPress Broken Link Checker Plugin < 2.4.1 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:managewp:brokenlinkchecker"; if description...

GHSA-F748-7HPG-88CH vulnerabilities

Vulnerabilities for packages: nvidia-container-toolkit, nvidia-gpu-operator-validator...

CVE-2024-10048

The Post Status Notifier Lite and Premium plugins for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 1.11.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

PT-2024-34276

Name of the Vulnerable Software and Affected Versions: WP Query Console versions n/a through 1.0 Hunk Companion versions prior to 1.9.0 Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability, which allows code injection. This vulnerability...

containernetworking-plugins security update

An update is available for containernetworking-plugins. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Container Network Interface CNI project consists of a...

RockyLinux 9 : containernetworking-plugins (RLSA-2024:8110)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:8110 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 Tenable...

CVE-2024-49695

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus wp-imageflow2 allows Stored XSS.This issue affects WP Flow Plus: from n/a through = 5.2.3...

CVE-2024-49695

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.3...

CVE-2024-49695 WordPress WP Flow Plus plugin <= 5.2.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus wp-imageflow2 allows Stored XSS.This issue affects WP Flow Plus: from n/a through = 5.2.3...

CVE-2024-49695 WordPress WP Flow Plus plugin <= 5.2.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spiffy Plugins WP Flow Plus wp-imageflow2 allows Stored XSS.This issue affects WP Flow Plus: from n/a through = 5.2.3...

CVE-2024-49695

CVE-2024-49695 involves a Stored XSS in WP Flow Plus (WordPress) due to improper input neutralization during web page generation in versions up to 5.2.3. The vulnerability affects WP Flow Plus and can be mitigated by upgrading to version 5.2.4 or later, per Patchstack and related sources. The CVE...

CVE-2024-35308

A post-authentication arbitrary file read vulnerability within the server plugins section in plugin edition feature. This issue affects Pandora FMS: from 700 through 777.3...

CVE-2024-35308

A post-authentication arbitrary file read vulnerability within the server plugins section in plugin edition feature. This issue affects Pandora FMS: from 700 through 777.3...

CVE-2024-35308 Post-auth Arbitrary File Read in the Server Plugins Section

A post-authentication arbitrary file read vulnerability within the server plugins section in plugin edition feature. This issue affects Pandora FMS: from 700 through 777.3...