EUVD-2024-2795

Malicious code in bioql PyPI...

WordPress Dynamic Pricing With Discount Rules for WooCommerce plugin <= 4.5.9 - Arbitrary Code Execution vulnerability

Arbitrary Code Execution vulnerability discovered by tratt Patchstack Alliance in WordPress Plugin Dynamic Pricing With Discount Rules for WooCommerce versions = 4.5.9...

Adobe Digital Editions < 4.5.10 Information Disclosure (APSB19-04) (macOS)

The version of Adobe Digital Editions installed on the remote macOS host is prior to 4.5.10. It is, therefore, affected by a vulnerability as referenced in the APSB19-04 advisory. - Adobe Digital Editions versions 4.5.9 and below have an out of bounds read vulnerability. Successful exploitation...

Vertx gRPC server does not limit the maximum message size

In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not limit the maximum length of message payload Maven GAV: io.vertx:vertx-grpc-server and io.vertx:vertx-grpc-client. This is fixed in the 4.5.10 version. Note this does not affect the Vert.x gRPC server based grpc-java and Netty...

GHSA-G76F-GJFX-4RPR Vertx gRPC server does not limit the maximum message size

In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not limit the maximum length of message payload Maven GAV: io.vertx:vertx-grpc-server and io.vertx:vertx-grpc-client. This is fixed in the 4.5.10 version. Note this does not affect the Vert.x gRPC server based grpc-java and Netty...

CVE-2024-8391 Eclipse Vert.x gRPC server does not limit the maximum message size

In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not limit the maximum length of message payload Maven GAV: io.vertx:vertx-grpc-server and io.vertx:vertx-grpc-client. This is fixed in the 4.5.10 version. Note this does not affect the Vert.x gRPC server based grpc-java and Netty...

PT-2022-24630 · WordPress · Wpml Multilingual Cms

Name of the Vulnerable Software and Affected Versions: WPML Multilingual CMS premium plugin versions = 4.5.10 Description: The issue allows users with subscriber or higher user roles to change the status of the translation jobs due to a Broken Access Control vulnerability in the WPML Multilingual...

Vulnerability fixed in PowerDNS recursor

PowerDNS has fixed a vulnerability in PowerDNS recursor. A remote malicious party could potentially exploit the vulnerability to cause a denial-of-service. To exploit the vulnerability, the malicious party must use use an IP address allowed by the Access Control List and the vulnerable environmen...

ownCloud 'contacts' Security Bypass Vulnerability (May 2014)

ownCloud is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if...

UBUNTU-CVE-2013-1963

The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors...