245 matches found
CVE-2024-13246 Node Access Rebuild Progressive - Less critical - Access bypass - SA-CONTRIB-2024-010
Improper Ownership Management vulnerability in Drupal Node Access Rebuild Progressive allows Target Influence via Framing.This issue affects Node Access Rebuild Progressive: from 0.0.0 before 2.0.2...
Drupal 安全漏洞
Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability previously existed in Drupal Node Access Rebuild Progressive version 2.0.2, which stemmed from the inclusion of an ownership mismanagement vulnerability...
CVE-2023-48277 WordPress Super Progressive Web Apps plugin <= 2.2.21 - Broken Access Control vulnerability
Missing Authorization vulnerability in SuperPWA Super Progressive Web Apps super-progressive-web-apps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Progressive Web Apps: from n/a through = 2.2.21...
CVE-2023-48277 WordPress Super Progressive Web Apps plugin <= 2.2.21 - Broken Access Control vulnerability
Missing Authorization vulnerability in SuperPWA Super Progressive Web Apps super-progressive-web-apps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Progressive Web Apps: from n/a through = 2.2.21...
WordPress plugin Super Progressive Web Apps 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...
PT-2024-32530 · WordPress · Magazine3 Pwa For Wp & Amp
Name of the Vulnerable Software and Affected Versions: Magazine3 PWA for WP & AMP versions 1.7.72 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For Magazine3 P...
WordPress plugin PWA for WP & AMP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2024-8967
The PWA — easy way to Progressive Web App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-8967 PWA — easy way to Progressive Web App <= 1.6.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
The PWA — easy way to Progressive Web App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress plugin PWA — easy way to Progressive Web App 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
SUSE SLES15: libQt5Quick3D5 / libQt5Quick3DAssetImport5 / libqt5-qtquick3d-devel / etc (SUSE-SU-2024:3078-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3078-1 advisory. - CVE-2024-40724: Fixed heap-based buffer overflow in the PLY importer class in assimp bsc1228199 Other fixes: - Fix progressive...
SUSE-SU-2024:3078-1 Security update for libqt5-qtquick3d
This update for libqt5-qtquick3d fixes the following issues: - CVE-2024-40724: Fixed heap-based buffer overflow in the PLY importer class in assimp bsc1228199 Other fixes: - Fix progressive anti-aliasing, which doesn't work if any object in the scene used a PrincipledMaterial - Skip processing...
SUSE SLES15 Security Update : libqt5-qtquick3d (SUSE-SU-2024:2985-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:2985-1 advisory. - CVE-2024-40724: Fixed a heap-based buffer overflow in the PLY importer class bsc1228199 - Fixed progressive anti-aliasing, which doesn't work if any...
New Phishing Attacks Target Eastern European Bank Users on iOS and Android
Cybercriminals exploit Progressive Web Apps PWAs in the latest phishing scam, targeting mobile users in Czechia, Hungary, and…...
Spring Tips: HTMX
Hi, Spring fans! HTMX is the progressive hypertext sensation that's sweeping the process of web app creation, and - thanks to a nice integration by Spring community legend Wim Deblauwe, it's easier than ever to use it with Spring Boot and Thymeleaf. And, it's the topic of today's installment! jav...
CVE-2024-33937
Missing Authorization vulnerability in Nico Martin Progressive WordPress PWA.This issue affects Progressive WordPress PWA: from n/a through 2.1.13...
CVE-2024-33937
CVE-2024-33937 describes a Missing Authorization vulnerability in the Progressive WordPress (PWA) plugin. Connected Red Hat advisory confirms this issue affects Progressive WordPress (PWA) versions up to 2.1.13 and does not provide explicit patch details in the documents. The available informatio...
WordPress plugin Progressive WordPress 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
PT-2024-25570 · Nico Martin · Progressive Wordpress
Name of the Vulnerable Software and Affected Versions: Progressive WordPress PWA versions 2.1.13 and earlier Description: The issue is related to a Missing Authorization vulnerability in Nico Martin Progressive WordPress PWA. Recommendations: For versions 2.1.13 and earlier, update to a version...
freerdp: Out-of-bounds write in the `progressive_decompress` function due to incorrect calculations
A flaw was found in FreeRDP. Incorrect calculations in the progressivedecompress function may allow for a buffer overflow, resulting in a crash...