PT-2024-32243
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue occurs when a host attempts to remove the ufshcd driver from a UFS device, potentially causing a kernel panic if ufshcd_async_scan fails during ufshcd_probe_hba before adding a...
Atlassian Jira < 9.4.21 / 9.12.x < 9.12.8 / 9.15.x < 9.16.0 (JRASERVER-77713)
The version of Atlassian Jira Server running on the remote host is affected by a vulnerability as referenced in the JRASERVER-77713 advisory. - This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information...
CVE-2024-6297
CVE-2024-6297 refers to multiple WordPress plugins where the plugin source code was compromised, injecting backdoors that exfiltrate database credentials and can create new administrator users. Public disclosures from Red Hat and Wordfence confirm a high‑risk, internal compromise affecting severa...
CVE-2024-6297 Several WordPress.org Plugins <= Various Versions - Injected Backdoor
Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the source code of various plugins and injected code that exfiltrates database credentials and is used to create new, malicious, administrator...
Supply Chain Attack on WordPress.org Plugins Leads to 5 Maliciously Compromised WordPress Plugins
On Monday June 24th, 2024 the Wordfence Threat Intelligence team became aware of a plugin, Social Warfare, that was injected with malicious code on June 22, 2024 based on a forum post by the WordPress.org Plugin Review team. We immediately checked the malicious file and uploaded it to our interna...
Exploit for SQL Injection in Opencart
CVE-2024-21514 PoC and Bulk Scanner...
Exploit for Code Injection in Xwiki
CVE-2024-31982 PoC and Bulk Scanner...
CVE-2023-49113 Sensitive Data Stored Insecurely in Kiuwan SAST Local Analyzer
The Kiuwan Local Analyzer KLA Java scanning application contains several hard-coded secrets in plain text format. In some cases, this can potentially compromise the confidentiality of the scan results. Several credentials were found in the JAR files of the Kiuwan Local Analyzer. The JAR file...
PT-2024-13676 · Unknown · Kiuwan Local Analyzer +1
Name of the Vulnerable Software and Affected Versions: Kiuwan SAST version master.1808.p685.q13371 Description: The issue arises when the Kiuwan Local Analyzer uploads scan results to the Kiuwan SAST web application, which processes XML files containing external entities. This leads to an XML...
Exploit for Path Traversal in Hsclabs Mailinspector
CVE-2024-34470 PoC and Bulk Scanner Overview This is a pr...
Exploit for OS Command Injection in Zyxel Nas326_Firmware
CVE-2024-29973 PoC and Bulk Scanner Overview This is a pr...
AlmaLinux 8 : flatpak (ALSA-2024:3961)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3961 advisory. flatpak: sandbox escape via RequestBackground portal CVE-2024-32462 Tenable has extracted the preceding description block directly from the AlmaLinux security...
GO-2024-2916 SQL Injection in Harbor scan log API in github.com/goharbor/harbor
SQL Injection in Harbor scan log API in github.com/goharbor/harbor...
OpenTelemetry Collector Installed (Linux / Unix)
Binary data opentelemetrynixinstalled.nbin...
CVE-2024-5759
An improper privilege management vulnerability exists in Tenable Security Center where an authenticated, remote attacker could view unauthorized objects and launch scans without having the required privileges...
CVE-2024-1891
A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web application scan result page...
CVE-2024-1891
The CVE-2024-1891 entry describes a stored cross-site scripting vulnerability in Tenable Security Center. An authenticated, remote attacker could inject HTML code into a web application scan result page due to inadequate input handling in the affected component/file. Relevant details show impact c...
PT-2024-18398 · Tenable · Tenable Security Center
Name of the Vulnerable Software and Affected Versions: Tenable Security Center affected versions not specified Description: A stored cross site scripting issue exists, allowing an authenticated, remote attacker to inject HTML code into a web application scan result page. Recommendations: At the...
Tenable Security Center Security Breach
Tenable Security Center is a security center from Tenable USA. A security vulnerability exists in Tenable Security Center that stems from the presence of a stored cross-site scripting vulnerability that could allow an authenticated, remote attacker to inject HTML code into a web application scan...
Fedora 39 : efifs (2024-69933b0732)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-69933b0732 advisory. - Update bundled edk2 to 20240524 2284243 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...