2242 matches found

Positive Technologies · added 2023/11/07 12:0 a.m. · 4 views

PT-2023-28408 · Samsung · Samsung Push Service

Name of the Vulnerable Software and Affected Versions: Samsung Push Service versions prior to 3.4.10. Description: The issue is related to improper authorization in the PushClientProvider of the Samsung Push Service. This allows an attacker to access a unique id. Recommendations: For versions prio...

CVSS 5.3 · AI score 5.1 · EPSS 0.00379
Exploits: 0 · References: 2

OSV · added 2023/10/31 1:15 a.m. · 2 views

DEBIAN-CVE-2023-31794

MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdfmarklistpush. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file...

CVSS 5.5 · AI score 5.5 · EPSS 0.00235
Exploits: 0 · References: 1

OSV · added 2023/10/16 9:15 a.m. · 1 views

CVE-2023-45274

Cross-Site Request Forgery (CSRF) vulnerability in SendPulse SendPulse Free Web Push plugin <= 1.3.1 versions...

CVSS 8.8 · AI score 7.3 · EPSS 0.00214
Exploits: 0 · References: 1

NVD · added 2023/10/16 9:15 a.m. · 27 views

CVE-2023-45274

Cross-Site Request Forgery (CSRF) vulnerability in SendPulse SendPulse Free Web Push plugin <= 1.3.1 versions...

CVSS 8.8 · AI score 5.8 · EPSS 0.00214
Exploits: 0 · References: 1

Prion · added 2023/10/16 9:15 a.m. · 21 views

Cross site request forgery (csrf)

Cross-Site Request Forgery (CSRF) vulnerability in SendPulse SendPulse Free Web Push plugin <= 1.3.1 versions...

CVSS 6.8 · AI score 8.8 · EPSS 0.00214
Exploits: 0 · References: 1 · Affected Software: 1

Vulnrichment · added 2023/10/16 8:21 a.m. · 10 views

CVE-2023-45274 WordPress SendPulse Free Web Push Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in SendPulse SendPulse Free Web Push plugin <= 1.3.1 versions...

CVSS 4.3 · AI score 8.8 · EPSS 0.00214
Exploits: 0 · References: 1

Cvelist · added 2023/10/16 8:21 a.m. · 24 views

CVE-2023-45274 WordPress SendPulse Free Web Push Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in SendPulse SendPulse Free Web Push plugin <= 1.3.1 versions...

CVSS 4.3 · AI score 9 · EPSS 0.00214
Exploits: 0 · References: 1

CVE · added 2023/10/16 8:21 a.m. · 48 views

CVE-2023-45274

CVE-2023-45274 is a CSRF vulnerability in the WordPress plugin SendPulse Free Web Push for versions

CVSS 8.8 · AI score 6.5 · EPSS 0.00214
Exploits: 0 · References: 1 · Affected Software: 1

CNNVD · added 2023/10/16 12:0 a.m. · 2 views

WordPress Plugin SendPulse Free Web Push Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVSS 8.8 · AI score 6.5 · EPSS 0.00214
Exploits: 0 · References: 3

WPVulnDB · added 2023/10/16 12:0 a.m. · 21 views

SendPulse Free Web Push < 1.3.2 - CSRF

Description: The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks...

CVSS 8.8 · AI score 6.5 · EPSS 0.00214
Exploits: 0 · Affected Software: 1

The Hacker News · added 2023/10/06 8:53 a.m. · 33 views

GitHub's Secret Scanning Feature Now Covers AWS, Microsoft, Google, and Slack

GitHub has announced an improvement to its secret scanning feature that extends validity checks to popular services such as Amazon Web Services (AWS), Microsoft, Google, and Slack. Validity checks, introduced by the Microsoft subsidiary earlier this year, alert users whether exposed tokens found by...

AI score 7.6
Exploits: 0

Patchstack · added 2023/10/06 12:0 a.m. · 7 views

WordPress SendPulse Free Web Push Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software: SendPulse Free Web Push · Type: Plugin · Vulnerable versions: <= 1.3.1 · Fixed in: 1.3.3 · OWASP Top 10: A5: Broken Access Control · Classification: Cross Site Request Forgery (CSRF) · CVE: CVE-2023-45274 · Patch priority: Low · CVSS severity: Low (4.3) · Developer: Claim ownership · PSID: 1b155dd53abb · Credits: Mika Requir...

CVSS 8.8 · AI score 6.6 · EPSS 0.00214
Exploits: 0 · References: 2 · Affected Software: 1

Redos · added 2023/09/20 12:0 a.m. · 28 views

ROS-20230919-01

Vulnerability of FilePickerShownCallback function in Mozilla Firefox, Firefox ESR and Thunderbird e-mail client Thunderbird is related to memory usage after it is freed. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of...

CVSS 8.8 · AI score 7.5 · EPSS 0.00756
Exploits: 0

Redos · added 2023/09/20 12:0 a.m. · 41 views

ROS-20230919-02

Vulnerability of FilePickerShownCallback function in Mozilla Firefox, Firefox ESR and Thunderbird e-mail client Thunderbird is related to memory usage after it is freed. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity, and availability of...

CVSS 8.8 · AI score 7.5 · EPSS 0.00756
Exploits: 0

OSV · added 2023/09/11 9:15 a.m. · 1 views

DEBIAN-CVE-2023-4580

Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...

CVSS 6.5 · AI score 6.6 · EPSS 0.00364
Exploits: 0 · References: 1

OSV · added 2023/09/11 9:15 a.m. · 4 views

CVE-2023-4580

Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...

CVSS 6.5 · AI score 8.1
Exploits: 0 · References: 4

NVD · added 2023/09/11 9:15 a.m. · 15 views

CVE-2023-4580

Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...

CVSS 6.5 · AI score 6.7 · EPSS 0.00364
Exploits: 0 · References: 4

Prion · added 2023/09/11 9:15 a.m. · 24 views

Design/Logic Flaw

Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...

CVSS 4.3 · AI score 6.5 · EPSS 0.00364
Exploits: 0 · References: 4 · Affected Software: 3

Cvelist · added 2023/09/11 8:1 a.m. · 16 views

CVE-2023-4580 Push notifications saved to disk unencrypted

Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...

AI score 7 · EPSS 0.00364
Exploits: 0 · References: 4

Debian CVE · added 2023/09/11 8:1 a.m. · 23 views

CVE-2023-4580

Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...

CVSS 6.5 · AI score 7.8 · EPSS 0.00364
Exploits: 0