PT-2024-37163 · WordPress · Cm Pop-Up Banners

Name of the Vulnerable Software and Affected Versions: CM Pop-Up Banners for WordPress versions prior to 1.7.3 Description: The issue allows high privilege users, such as Contributors, to perform Cross-Site Scripting attacks due to the plugin not sanitising and escaping some of its popup fields...

PT-2024-25943 · Unknown · Image Optimizer

Name of the Vulnerable Software and Affected Versions: image-optimizer versions prior to 1.7.3 Description: The issue allows PHAR deserialization, for example, using the phar:// protocol in arguments to the file exists function. Recommendations: For versions prior to 1.7.3, update to version 1.7....

SUSE CVE-2017-15923

Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x before 1.7.3 allow remote attackers to cause a denial of service crash via vectors related to parsing of IRC color formatting codes...

DEBIAN-CVE-2019-9917

ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service crash via invalid encoding...

ZNC Denial of Service Vulnerability (CNVD-2019-12157)

ZNC is a set of IRC proxies that allow users to log in to IRC servers from their workstations. A security vulnerability exists in versions prior to ZNC 1.7.3-rc1. A remote attacker could exploit this vulnerability to cause a denial of service crash...

Ubiquiti Networks EdgeSwitch Code Execution Vulnerability

The Ubiquiti EdgeSwitch is a Gigabit network switch device from Ubiquiti Networks, Inc. A security vulnerability exists in Ubiquiti EdgeSwitch 1.7.3 and earlier versions, which stems from the program's lack of protection for the admin CLI. The vulnerability can be exploited by an attacker to...