115 matches found
PT-2022-18480 · Hcl · Hcl Launch
Name of the Vulnerable Software and Affected Versions: HCL Launch affected versions not specified Description: The issue concerns the storage of certain data for recurring activities in a plain text format. Recommendations: At the moment, there is no information about a newer version that contain...
CVE-2022-27549
HCL Launch may store certain data for recurring activities in a plain text format...
PARMinerV2's liquidate can become stuck
Lines of code Vulnerability details PARMinerV2's liquidate can be run repeatedly for the same collateralToken with different arguments. For example, different Vaults can have the same token, so there can be unrelated runs with different vaultId / DEX data, but the same collateralToken and proxy. ...
WordPress Recurring Bookings for WooCommerce plugin <= 2.0.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Recurring Bookings for WooCommerce plugin versions = 2.0.0. Solution No patched version available...
WordPress Recurring Bookings for WooCommerce plugin <= 2.0.0 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Recurring Bookings for WooCommerce plugin versions = 2.0.0. Solution No patched version available...
TimeLock cannot schedule the same calls multiple times
Handle cmichel Vulnerability details The TimeLock.schedule function reverts if the same targets and data fields are used as the txHash will be the same. This means one cannot schedule the same transactions multiple times. Impact Imagine the delay is set to 30 days, but a contractor needs to be pa...
openSUSE Security Update : MozillaThunderbird (openSUSE-2021-387)
This update for MozillaThunderbird fixes the following issues : - Mozilla Thunderbird 78.8 - fixed: Importing an address book from a CSV file always reported an error - fixed: Security information for S/MIME messages was not displayed correctly prior to a draft being saved - fixed: Calendar:...
Security update for MozillaThunderbird (important)
openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2021:0387-1 Rating: important References: 1182357 1182614 Cross-References: CVE-2021-23968 CVE-2021-23969 CVE-2021-23973 CVE-2021-23978 CVSS scores: CVE-2021-23968 NVD : 4.3...
OPENSUSE-SU-2021:0387-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 78.8 fixed: Importing an address book from a CSV file always reported an error fixed: Security information for S/MIME messages was not displayed correctly prior to a draft being saved fixed: Calendar: FileLink UI...
[SECURITY] Fedora 31 Update: php-horde-kronolith-4.2.29-1.fc31
Kronolith is the Horde calendar application. It provides web-based calendars backed by a SQL database or a Kolab server. Supported features include Ajax and mobile interfaces, shared calendars, remote calendars, invitation management iCalendar/iTip, free/busy management, resource management,...
[SECURITY] Fedora 32 Update: php-horde-kronolith-4.2.29-1.fc32
Kronolith is the Horde calendar application. It provides web-based calendars backed by a SQL database or a Kolab server. Supported features include Ajax and mobile interfaces, shared calendars, remote calendars, invitation management iCalendar/iTip, free/busy management, resource management,...
WordPress Easy Digital Downloads Recurring Payments extension cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Easy Digital Downloads EDD Recurring Payments extension is a payment gateway plugin used in it. A cross-site scripting vulnerability...
CVE-2015-9525
The Easy Digital Downloads EDD Recurring Payments extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because addqueryarg is misused...
Design/Logic Flaw
The Easy Digital Downloads EDD Recurring Payments extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because addqueryarg is misused...
CVE-2015-9525
The CVE-2015-9525 issue concerns the Easy Digital Downloads (EDD) Recurring Payments extension for WordPress. The vulnerability is an XSS flaw caused by misusing add_query_arg in multiple EDD versions (1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before ...
CVE-2015-9525
The Easy Digital Downloads EDD Recurring Payments extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because addqueryarg is misused...
Fedora 31 : glpi (2019-311441d430)
GLPI version 9.4.4 This is a security release, upgrading is highly recommended Non exhaustive list of changes : - security Prevent account takeover vulnerability , - security Prevent execution of XSS on rich text, - fix cache key lenght issues, - fix user picture removal at login, - several fixes...
Fedora 30 : glpi (2019-a1636592a3)
GLPI version 9.4.4 This is a security release, upgrading is highly recommended Non exhaustive list of changes : - security Prevent account takeover vulnerability , - security Prevent execution of XSS on rich text, - fix cache key lenght issues, - fix user picture removal at login, - several fixes...
Three Common Email Security Mistakes That MSPs Make
MSPs can generate recurring revenue by being proactive about educating customers about email threats and how to defeat them—if they avoid three common mistakes. Businesses have come to rely on cloud email and file-sharing applications for communication and productivity. But, too often, they assum...
As Cryptocurrency Crash Continues, Will Mining Threat Follow?
Post authored by Nick Biasini. Executive Summary As 2018 draws to a close, one technology has definitively left its mark on the year: cryptocurrencies. Digital currencies started the year out strong after a meteoric rise toward the end of 2017. Since then, it's safe to say that cryptocurrencies...