
2674 matches found

ATTACKERKB
added 2023/09/20 9:15 p.m. · 1 views

CVE-2023-39677

MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php...

7.5 CVSS · 5.8 AI score · 0.30806 EPSS
Exploits 1 · References 5
Positive Technologies
added 2023/09/20 12:0 a.m. · 2 views

PT-2023-27066 · Prestashop · Simpleimportproduct Prestashop Module

Name of the Vulnerable Software and Affected Versions: SimpleImportProduct Prestashop Module version 6.2.9 Description: The issue is a SQL injection vulnerability. It can be exploited via the key parameter at the "send.php" endpoint. Recommendations: For SimpleImportProduct Prestashop Module...

9.8 CVSS · 9.5 AI score · 0.00785 EPSS
Exploits 1 · References 5
Cvelist
added 2023/09/18 12:0 a.m. · 13 views

CVE-2023-39056

An information leak in Coffee-jumbo v13.6.1 allows attackers to obtain the channel access token and send crafted messages...

6.4 AI score · 0.00394 EPSS
Exploits 1 · References 2
OSSF Malicious Packages
added 2023/09/16 7:0 p.m. · 2 views

Malicious code in send-orchestrator-event-lambda (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3348279a1bc1471493fbd3415cdf02e1175ffa720b2c0df7fac42c1f7475b852 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8 AI score
Exploits 0 · References 1
Positive Technologies
added 2023/09/11 12:0 a.m. · 1 views

PT-2025-53189

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified Description: The Linux kernel contains a memory leak in the kcm sendmsg function. The issue occurs when an error happens after some bytes have been copied during message sending, leaving the last skb...

4.3 CVSS · 6.1 AI score · 0.00177 EPSS
Exploits 0
SUSE CVE
added 2023/09/05 1:21 a.m. · 2 views

SUSE CVE-2023-28366

The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function...

7.5 CVSS · 6.9 AI score · 0.01107 EPSS
Exploits 0 · References 3
OSV
added 2023/08/22 7:16 p.m. · 1 views

CVE-2020-26652

An issue was discovered in function nl80211_send_chandef in rtl8812au v5.6.4.2 allows attackers to cause a denial of service...

7.5 CVSS · 5.8 AI score · 0.00612 EPSS
Exploits 1 · References 1
CNNVD
added 2023/08/11 12:0 a.m. · 5 views

node-red-contrib-huemagic path traversal vulnerability

node-red-contrib-huemagic is a solution by Foddy, an individual developer. A security vulnerability exists in Foddy node-red-contrib-huemagic version 3.0.0, which stems from a directory traversal vulnerability. An attacker can exploit this vulnerability to obtain sensitive information by sending a...

7.5 CVSS · 6.5 AI score · 0.01405 EPSS
Exploits 1 · References 2
Positive Technologies
added 2023/08/07 12:0 a.m. · 7 views

PT-2023-12071

Name of the Vulnerable Software and Affected Versions: Qubely WordPress plugin versions prior to 1.8.6 Description: The issue allows an unauthenticated user to send arbitrary e-mails to arbitrary addresses via the qubely send form data AJAX action. Recommendations: For versions prior to 1.8.6, updat...

7.5 CVSS · 5.5 AI score · 0.01535 EPSS
Exploits 2 · References 6
CNNVD
added 2023/08/03 12:0 a.m. · 3 views

Rdiffweb Security Vulnerability

Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your files through an efficient web interface. A security vulnerability exists in Rdiffweb versions prior to 2.8.0, which stems from a lack of rate limiting in the send report feature...

6.5 CVSS · 6.7 AI score · 0.00405 EPSS
Exploits 1 · References 3
OSV
added 2023/07/28 3:15 p.m. · 1 views

UBUNTU-CVE-2023-39017

DISPUTED quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple parties because it is not...

9.8 CVSS · 7.2 AI score · 0.01017 EPSS
Exploits 1 · References 3
Positive Technologies
added 2023/07/28 12:0 a.m. · 2 views

PT-2023-26739 · Unknown · Quartz-Jobs

Name of the Vulnerable Software and Affected Versions: quartz-jobs versions 2.3.2 and below Description: The issue is related to a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited via passing an unchecked argument to...

9.8 CVSS · 8.3 AI score · 0.01017 EPSS
Exploits 1 · References 11
Patchstack
added 2023/07/19 12:0 a.m. · 7 views

WordPress DeMomentSomTres Immediate Send Plugin <= 3.201704251244 is vulnerable to Cross Site Scripting (XSS)

Software: DeMomentSomTres Immediate Send; Type: Plugin; Vulnerable versions: <= 3.201704251244; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: High; CVSS severity: High 7.1; Developer: Claim ownership; PSID: 395b22880d0c; Credits: Rafie Muhammad...

6 AI score · 0.00284 EPSS
Exploits 0 · References 2 · Affected Software 1
Patchstack
added 2023/07/18 12:0 a.m. · 6 views

WordPress Send Prebuilt Emails Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software: Send Prebuilt Emails; Type: Plugin; Vulnerable versions: <= 1.0.0; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: Medium; CVSS severity: Medium 7.1; Developer: Claim ownership; PSID: e40ed22ae602; Credits: Rafie Muhammad Patchstack...

6.9 AI score · 0.00284 EPSS
Exploits 0 · References 2 · Affected Software 1
Patchstack
added 2023/07/18 12:0 a.m. · 6 views

WordPress Send Users Email Plugin < 1.4.1 is vulnerable to Cross Site Scripting (XSS)

Software: Send Users Email; Type: Plugin; Vulnerable versions: < 1.4.1; Fixed in: 1.4.1; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: Medium; CVSS severity: Medium 7.1; Developer: Claim ownership; PSID: d0f22e82a62c; Credits: Rafie Muhammad Patchstack Require...

6.4 AI score · 0.00284 EPSS
Exploits 0 · References 3 · Affected Software 1
BDU FSTEC
added 2023/07/11 12:0 a.m. · 4 views

The vulnerability of the ishtp_cl_get_dma_send_buf() function in the driver of the Integrated Sensor Hub (ISH) for Linux operating systems allows a hacker to cause a service failure.

The vulnerability of the ishtp_cl_get_dma_send_buf() function in the Linux operating system’s Integrated Sensor Hub (ISH) driver lies in pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

4.7 CVSS · 6.3 AI score · 0.00195 EPSS
Exploits 0 · References 11 · Affected Software 10
CNNVD
added 2023/07/06 12:0 a.m. · 3 views

Bitcoin Core Security Vulnerability

Bitcoin Core is an open source client for verifying the validity of blockchain transactions. A security vulnerability exists in version v22 of Bitcoin Core that stems from the presence of a memory management and protection issue that allows an attacker to modify the send address stored in the...

7.5 CVSS · 7.3 AI score · 0.00462 EPSS
Exploits 1 · References 5
Positive Technologies
added 2023/07/06 12:0 a.m. · 2 views

PT-2023-25201 · Rotem Dynamics · Rotem Crm

Name of the Vulnerable Software and Affected Versions: Rotem Dynamics Rotem CRM up to 20230729 Description: A problematic vulnerability has been found in Rotem Dynamics Rotem CRM, affecting an unknown part of the file "/LandingPages/api/otp/send?id=ID&method=sms" of the component OTP URI Interfac...

7.5 CVSS · 5.5 AI score · 0.00436 EPSS
Exploits 0 · References 4
CNNVD
added 2023/07/01 12:0 a.m. · 2 views

WordPress Plugin ElasticPress Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...

4.3 CVSS · 5 AI score · 0.0033 EPSS
Exploits 0 · References 11
Positive Technologies
added 2023/06/23 12:0 a.m. · 2 views

PT-2023-22653 · Libcoap +1 · Libcoap +1

Name of the Vulnerable Software and Affected Versions: libcoap library versions 4.3.1-103-g52cfd56 through 4.3.1-119 Description: The issue is related to a Buffer Overflow vulnerability in the coap send function. This vulnerability allows attackers to obtain sensitive information via a malformed...

7.5 CVSS · 7.1 AI score · 0.00631 EPSS
Exploits 1 · References 12