WordPress Temporary Login plugin <= 1.0.0 - Authentication Bypass to Account Takeover vulnerability

Authentication Bypass to Account Takeover vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin Temporary Login versions = 1.0.0...

MiracleLinux 8 : tang-7-8.el8 (AXSA:2023-7186:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7186:03 advisory. tang: Race condition exists in the key generation and rotation functionality CVE-2023-1672 Tenable has extracted the preceding description block directly fro...

MiracleLinux 9 : tang-14-2.el9 (AXSA:2023-6769:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6769:02 advisory. tang: Race condition exists in the key generation and rotation functionality CVE-2023-1672 Tenable has extracted the preceding description block directly fro...

TencentOS Server 3: tang (TSSA-2023:0292)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0292 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

EUVD-2023-23900

Malicious code in bioql PyPI...

EUVD-2021-33968

Malicious code in bioql PyPI...

TencentOS Server 4: tang (TSSA-2025:0140)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0140 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Alibaba Cloud Linux 3 : 0043: tang (ALINUX3-SA-2024:0043)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0043 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-1672: A race condition exists in the Tang...

WordPress Advanced File Manager plugin 5.2.12-5.2.13 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin Advanced File Manager versions 5.2.12-5.2.13...

Moderate: Red Hat Security Advisory: jose security update

An update for jose is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Moderate: jose security update

Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevis and tang packages, together providing Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: jose: resource exhaustion CVE-2024-28176 jose: Denia...

ALSA-2024:9181 Moderate: jose security update

Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevis and tang packages, together providing Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: jose: resource exhaustion CVE-2024-28176 jose: Denia...

WordPress FileOrganizer plugin <= 1.0.9 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin FileOrganizer versions = 1.0.9...

WordPress FileOrganizer Plugin <= 1.0.9 is vulnerable to Arbitrary File Upload

Software FileOrganizer Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-7985 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 9a28a4363098 Credits TANG Cheuk Hei siunam Required privilege...

WordPress File Manager Pro plugin <= 8.3.9 - Unauthenticated Limited JavaScript File Upload vulnerability

Unauthenticated Limited JavaScript File Upload vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin File Manager Pro versions = 8.3.9...

WordPress Bit Form plugin <= 2.15.2 - Authenticated (Administrator+) Improper Input Validation to Arbitrary File Read vulnerability

Authenticated Administrator+ Improper Input Validation to Arbitrary File Read vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin Bit Form versions = 2.15.2...

RHSA-2023:7022 Red Hat Security Advisory: tang security and bug fix update

Bulletin has no description...

RHSA-2023:6492 Red Hat Security Advisory: tang security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: jose security update

An update for jose is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

ALSA-2024:5294 Moderate: jose security update

Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevis and tang packages, together providing Network Bound Disk Encryption NBDE in AlmaLinux. Security Fixes: jose: resource exhaustion CVE-2024-28176 jose: Denia...