8 matches found
WordPress Really Simple SSL plugin <= 9.5.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Evan NR in WordPress Plugin Really Simple SSL versions <= 9.5.9...
MAL-2024-10381 Malicious code in @isfe-common/testing-utils (npm)
Source: ossf-package-analysis b0513243009fb3882d731746421fa3effe8a4a86c8cef4d5d6053c63059a4b0e The OpenSSF Package Analysis project identified '@isfe-common/testing-utils' @ 9.5.9 npm as malicious. It is considered malicious because: - The...
Mattermost Server 9.5.x < 9.5.9 / 9.10.x < 9.10.2 / 9.11.x < 9.11.1 Multiple Vulnerabilities
The version of Mattermost Server installed on the remote host is prior to 9.5.9, 9.10.2, or 9.11.1. It is, therefore, affected by multiple vulnerabilities. - Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to sanitize user inputs in the frontend that are used for...
Mattermost Server 9.5.x < 9.5.9 (MMSA-2024-00358)
The version of Mattermost Server installed on the remote host is prior to 9.5.9. It is, therefore, affected by a vulnerability as referenced in the MMSA-2024-00358 advisory. - Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access to archived channels when viewing archived channels i...
Security fix for the ALT Linux 9 package glpi version 9.5.9-alt1
9.5.9-alt1 built Sept. 23, 2022 Pavel Zilke in task 307140 Sept. 14, 2022 Pavel Zilke - New version 9.5.9 - This release fixes several critical security issues that have been recently discovered. Update is strongly recommended! - Security fixes: + CVE-2022-35945 : XSS through registration API +...
CVE-2018-1481
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 140763...
CVE-2018-1485
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 140970...
Code execution vulnerability in the backend of phpcms v9.5.9 and prior versions
PHPCMS is a web content management system based on PHP and MySQL architecture. The system includes modules such as news, pictures, downloads, information and products. A code execution vulnerability exists in the backend of phpcms v9.5.9 and earlier versions. Allows attackers to perform...