4 matches found
WPDashboardNotes < 1.0.11 - Unauthorised Deletion of Private Notes
Description: The plugin is vulnerable to Insecure Direct Object References (IDOR) in the postid= parameter. Authenticated users are able to delete private notes associated with different user accounts. This poses a significant security risk as it violates the principle of least privilege and compromises...
Race condition
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.11 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Under a specific condition, an unauthorised project member was allowed to delete protected branches du...
Unauthorised Deletion
github.com/Hashicorp/Consul is vulnerable to unauthorised deletion. It does not prevent deletion of a key that does not match a prefix if it uses a specific ACL rule for prefix matching in a policy...
FreeBSD : moodle -- multiple vulnerabilities (66759ce6-7530-11df-9c33-000c29ba66d2)
The Moodle release notes report multiple vulnerabilities which could allow cross-site scripting, XSS attacks, and unauthorised deletion of attempts in some instances. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the...