12 matches found
EUVD-2023-52794
Malicious code in bioql PyPI...
EUVD-2023-52792
Malicious code in bioql PyPI...
EUVD-2023-52795
Malicious code in bioql PyPI...
CVE-2024-45199
insightsoftware Hive JDBC through 2.6.13 has a remote code execution vulnerability. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can further lead to remote code executi...
CVE-2024-10174
The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.6.13 via the 'AbstractPermission' class due to missing validation on the 'useri...
WordPress plugin JetElements For Elementor security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security...
PT-2024-13645 · Crocoblock · Crocoblock Jetelements For Elementor
Name of the Vulnerable Software and Affected Versions: Crocoblock JetElements For Elementor versions 2.6.13 and earlier. Description: The issue is related to a Missing Authorization vulnerability. This means that there is a lack of proper authorization checks, potentially allowing unauthorized...
PT-2024-13644 · Crocoblock · Crocoblock Jetelements For Elementor
Name of the Vulnerable Software and Affected Versions: Crocoblock JetElements For Elementor versions 2.6.13 and earlier. Description: The issue is related to a Missing Authorization vulnerability in Crocoblock JetElements For Elementor. Recommendations: For versions 2.6.13 and earlier, update to a...
WordPress Mollie Forms Plugin <= 2.6.13 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Mollie Forms | Type: Plugin | Vulnerable versions: = 2.6.13 | Fixed in: 2.6.14 | OWASP Top 10: A5: Broken Access Control | Classification: Cross Site Request Forgery (CSRF) | CVE: CVE-2024-2368 | Patch priority: Low | CVSS severity: Low (4.3) | PSID: be4c386416af | Credits: Lucio Sá | Required...
SUSE CVE-2007-0772
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service oops via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer...
SmartRG Router 2.6.13 Remote Code Execution Exploit
Exploit Title: SmartRG Router - Remote Code Execution Exploit Author: Yerodin Richards Vendor Homepage: https://adtran.com Version: 2.5.15 / 2.6.13 confirmed Tested on: SR506n 2.5.15 & SR510n 2.6.13 CVE : CVE-2022-37661 import requests from subprocess import Popen, PIPE routerhost =...
SmartRG Router 2.6.13 Remote Code Execution
Exploit Title: SmartRG Router - Remote Code Execution Date: 13/06/2022 Exploit Author: Yerodin Richards Vendor Homepage: https://adtran.com Version: 2.5.15 / 2.6.13 confirmed Tested on: SR506n 2.5.15 & SR510n 2.6.13 CVE : CVE-2022-37661 import requests from subprocess import Popen, PIPE routerhos...