QNAP Systems QTS和QNAP Systems QuTS hero 操作系统命令注入漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. Both products have an operating system command injection vulnerability. This vulnerability stems from command injection, which...

Suprema BioStar 安全漏洞

Suprema BioStar is a web-based, open-integrated security platform developed by the South Korean company Suprema. It offers comprehensive features for access control, attendance management, visitor management, and video log maintenance. There were security vulnerabilities in the versions of Suprem...

Important: Red Hat Security Advisory: multicluster engine for Kubernetes v2.9.3 security update

The multicluster engine for Kubernetes 2.9 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.9 images The multicluster engine for Kubernetes provides the foundational components that are...

WordPress LearnPress plugin <= 4.2.9.3 - Missing Authorization to Unauthenticated Database Table Manipulation vulnerability

Missing Authorization to Unauthenticated Database Table Manipulation vulnerability discovered by Lucas Montes Nirox in WordPress Plugin LearnPress versions = 4.2.9.3...

Rancher 信息泄露漏洞

Rancher is an open source container management platform open-sourced by Rancher in the United States, built for organizations that deploy containers in production environments. An information disclosure vulnerability exists in Rancher versions 2.8.0 through prior to 2.8.10 and 2.9.0 through prior...

CVE-2024-12315

The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.3 via the exports directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in t...

WordPress plugin POST SMTP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-30524

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RedLettuce Plugins PDF Viewer for Elementor allows Stored XSS.This issue affects PDF Viewer for Elementor: from n/a through 2.9.3...

WordPress plugin Loan Repayment Calculator and Application Form Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CImg Library Security Vulnerability

CImg Library is an open source C++ library for image processing organized by Davidtschumperlé Greyc. A security vulnerability exists in CImg Library version v2.9.3. The vulnerability is exploited by attackers to obtain sensitive information via specially crafted JPEG files...

CVE-2023-28727

Panasonic AiSEG2 versions 2.00J through 2.93A allows adjacent attackers bypass authentication due to mishandling of X-Forwarded-For headers...

CVE-2022-41910

TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We hav...

DEBIAN-CVE-2020-25693

A flaw was found in CImg in versions prior to 2.9.3. Integer overflows leading to heap buffer overflows in loadpnm can be triggered by a specially crafted input file processed by CImg, which can lead to an impact to application availability or data integrity...

PT-2015-3271

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.3 Description The issue is related to the xmlStringLenDecodeEntities function in parser.c of the libxml2 library, which is associated with resource management errors. Exploitation of this issue may allow a remote...