ws: Memory exhaustion DoS from tiny fragments and data chunks

Impact A high volume of exceptionally small fragments and data chunks can be sent by a peer, with modest network traffic, to force the remote peer into allocating and holding structural wrappers that consume far more memory than the default documented message-size limit, leading to process...

CVE-2023-52220

Missing Authorization vulnerability in MonsterInsights Google Analytics by Monster Insights.This issue affects Google Analytics by Monster Insights: from n/a through 8.21.0...

WordPress plugin Google Analytics by Monster Insights 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

PT-2024-14484 · Monster Insights · Google Analytics

Name of the Vulnerable Software and Affected Versions: Google Analytics by Monster Insights versions 8.21.0 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects the MonsterInsights Google Analytics plugin by Monster Insights...

Authorization

Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the...

CVE-2023-36826 Sentry vulnerable to improper authorization on debug and artifact file downloads

Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the...

Atlassian Jira 8.7.0 < 8.13.12 Non-Administrators Able To Configure Replication Settings

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.21.0. It is, therefore, affected by a vulnerability which permits authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken...

Cross site request forgery (csrf)

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to restore the default configuration of fields via a Cross-Site Request Forgery CSRF vulnerability in the /secure/admin/RestoreDefaults.jspa endpoint. The affected versions are before version 8.21.0...