163 matches found
CVE-2014-125102
CVE-2014-125102 affects the Bestwebsoft Relevant Plugin for WordPress up to version 1.0.7, specifically the Thumbnail Handler component. The vulnerability allows information disclosure and can be exploited remotely. A fix is provided in version 1.0.8, with patch identifier 860d1891025548cf0f5f973...
CVE-2014-125102 Bestwebsoft Relevant Plugin Thumbnail information disclosure
A vulnerability classified as problematic was found in Bestwebsoft Relevant Plugin up to 1.0.7 on WordPress. Affected by this vulnerability is an unknown functionality of the component Thumbnail Handler. The manipulation leads to information disclosure. The attack can be launched remotely...
WordPress Plugin Bestwebsoft Relevant 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability...
PT-2023-10170 · Bestwebsoft · Bestwebsoft Relevant Plugin
Name of the Vulnerable Software and Affected Versions: Bestwebsoft Relevant Plugin versions up to 1.0.7 Description: A vulnerability was found in the Thumbnail Handler component of the Bestwebsoft Relevant Plugin, leading to information disclosure. The attack can be launched remotely...
CVE-2023-33248
Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...
Upgraded Q -> 2 from #964 [1684819958119]
Judge has assessed an item in Issue 964 as 2 risk. The relevant finding follows: L1 --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> 2 from #597 [1684599598059]
Judge has assessed an item in Issue 597 as 2 risk. The relevant finding follows: L4 --- The text was updated successfully, but these errors were encountered: All reactions...
CVE-2023-29491
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...
CVE-2023-29491
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...
Authentication Bypass
farmhaystack is vulnerable to Authentication Bypass. The vulnerability exists in docker-compose.yml due to the use of hard-coded, security-relevant constants which allows an attacker to make changes in the annotation process...
Use of hard-coded, security-relevant constants in deepset-ai/haystack
Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack in version 1.15.0 and prior. A patch is available at commit 5fc84904f198de661d5b933fde756aa922bf09f1...
Hardcoded credentials
Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30...
CVE-2023-1712 Use of Hard-coded, Security-relevant Constants in deepset-ai/haystack
Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30...
Upgraded Q -> 2 from #215 [1679863647530]
Judge has assessed an item in Issue 215 as 2 risk. The relevant finding follows: NC1 --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> 2 from #83 [1679850055838]
Judge has assessed an item in Issue 83 as 2 risk. The relevant finding follows: L-05 PauseModifier is not used in KangarooVault --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> 2 from #215 [1679863603573]
Judge has assessed an item in Issue 215 as 2 risk. The relevant finding follows: L1 + L2 --- The text was updated successfully, but these errors were encountered: All reactions...
Year in Review: Rapid7 Threat Intelligence
In an evolving threat landscape, non-stop alerts and more IOC feeds don’t guarantee better protection. Security teams are overwhelmed and struggle to identify relevant threat information. Thankfully, Threat Command delivers highly contextual alerts and integration across your environment to help...
Upgraded G -> 3 from #31 [1673740145531]
Judge has assessed an item in Issue 31 as 3 risk. The relevant finding follows: tetaegerageage --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> M from #22 [1671528533640]
Judge has assessed an item in Issue 22 as M risk. The relevant finding follows: NC-2 Return values of approve not checked --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> M from #508 [1670444214372]
Judge has assessed an item in Issue 508 as M risk. The relevant finding follows: 508 --- The text was updated successfully, but these errors were encountered: All reactions...