4617 matches found
DEBIAN-CVE-2023-45286
A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
iThemes Sync < 2.1.14 - Cross-Site Request Forgery and Missing Authorization via 'hide_authenticate_notice'
Description: The iThemes Sync plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.13. This is due to missing or incorrect nonce validation on the hide_authenticate_notice function. This makes it possible for unauthenticated attackers to hide admin...
CVE-2023-26535
Cross-Site Request Forgery (CSRF) vulnerability in WPPOOL Sheets To WP Table Live Sync plugin <= 2.12.15 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in WPPOOL Sheets To WP Table Live Sync plugin <= 2.12.15 versions...
CVE-2023-26535 WordPress Sheets To WP Table Live Sync Plugin <= 2.12.15 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in WPPOOL Sheets To WP Table Live Sync plugin <= 2.12.15 versions...
CVE-2023-26535
CVE-2023-26535: Cross-Site Request Forgery in WordPress Sheets To WP Table Live Sync plugin (
WordPress Plugin Sheets To WP Table Live Sync Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
Citrix Delivery Controllers generates Event ID 505 and Event ID 3602 continuously
Upgrading CVAD version to 2308 generates "Citrix ConfigSync Service" with "Event ID 505" and "Citrix High Availability Service" with "Event ID 3602". The Citrix Config Sync Service failed an import. Error details: Error importing configuration data into secondary Broker...
VulnCheck KEV: CVE-2022-2488
A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlist_sync.cgi. The manipulation of the argument IP leads to OS command injection. The exploit has been disclosed to the public and may be used...
WordPress iThemes Sync Plugin < 3.0.1 is vulnerable to Cross Site Scripting (XSS)
Software: iThemes Sync; Type: Plugin; Vulnerable versions: < 3.0.1; Fixed in: 3.0.1; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: N/A; Patch priority: Low; CVSS severity: Low (5.4); Developer: Claim ownership; PSID: da91ec2d1342; Credits: Robin Wood; Required privilege...
CVE-2023-46643
A vulnerability in shanevcloudnet360 Download CloudNet360 cloudnet-sync. This issue affects Download CloudNet360: from n/a through = 3.2.0...
sync-me.de Improper Access Control vulnerability OBB-3775216
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
kernel: md/raid10: fix leak of 'r10bio->remaining' for recovery
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio->remaining' for recovery. raid10_sync_request will add 'r10bio->remaining' for both rdev and replacement rdev. However, if the read io fails, recovery_request_write returns without issuing the write io, in...
A flaw was discovered in the XFS source in the Linux kernel (CVE-2020-12655)
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767...
CVE-2023-21306
In ContentService, there is a possible way to read installed sync content providers due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Information disclosure
In ContentService, there is a possible way to read installed sync content providers due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...