11 matches found
PT-2024-12128 · Damir Calusic · Wp Users Media
Name of the Vulnerable Software and Affected Versions: Damir Calusic WP users media versions 4.2.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation of incorrectly configured access control security levels. This can lead to...
CVE-2024-52479
Cross-Site Request Forgery (CSRF) vulnerability in Ben Marshall Jobify - Job Board WordPress Theme allows Cross Site Request Forgery. This issue affects Jobify - Job Board WordPress Theme: from n/a through 4.2.3...
PT-2024-35322 · Astoundify · Astoundify Jobify - Job Board Wordpress Theme
Name of the Vulnerable Software and Affected Versions: Astoundify Jobify - Job Board WordPress Theme versions through 4.2.3 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a Path Traversal vulnerability. This allows Relative Path...
vantage6-algorithm-store (>=4.10.0 <=4.15.1rc1), vantage6-node (>=0.0.0 <=4.15.1rc1) +1 more potentially affected by CVE-2024-24770 via vantage6 (>=0.0.0 <=4.2.3)
vantage6 PYPI version =0.0.0, =4.10.0, =0.0.0, =0.0.0, =4.15.1rc1 Source cves: CVE-2024-24770 Source advisory: OSV:GHSA-5H3X-6GWF-73JM...
WordPress plugin Analytify Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
3deecelltracker (>=0.5.0a0 <=1.0.0), abracadabra (>=0.0.0 <=0.0.7) +101 more potentially affected by CVE-2022-29238 via notebook (>=4.2.3 <=6.4.11)
notebook PYPI version =4.2.3, =0.5.0a0, =0.0.0, =1.0.0, =1.0.0, =0.1.1, =1.0.1, =1.0.1, =0.0.48, =0.0.2a0, =1.0.0, =0.3.4, =0.1.0rc1, =0.0.1, =0.2.1 - combnetdep =1.0.0 and more Source cves: CVE-2022-29238 Source advisory: OSV:PYSEC-2022-212...
PT-2020-15715 · Free · Freebox Server
Name of the Vulnerable Software and Affected Versions: Freebox Server versions prior to 4.2.3 Description: A CSRF issue exists in the UPnP MediaServer implementation. Recommendations: For versions prior to 4.2.3, update to version 4.2.3 or later to resolve the issue...
arpes (>=1.0.0 <=2.2.0), convert-and-download (>=0.1.3 <=0.2.4) +24 more potentially affected by CVE-2019-10255 via notebook (>=4.2.3 <=5.7.5)
notebook PYPI version =4.2.3, =1.0.0, =0.1.3, =1.0.0b1, =0.0.2, =1.31.7.dev0, =0.1.1.10, =0.2.1, =0.1.6.2, =0.1.2, =0.1.0, =0.5.0, =1.0.1, =0.1.1, =1.0.1 - marvin-python-toolbox =0.0.4 and more Source cves: CVE-2019-10255 Source advisory: OSV:GHSA-RV62-4PMJ-XW6H...
Appnitro MachForm SQL Injection Vulnerability
Appnitro MachForm is a tool for creating responsive forms in web pages from Appnitro Software Indonesia. A SQL injection vulnerability exists in the download.php file in Appnitro MachForm versions prior to 4.2.3. The vulnerability can be exploited by a remote attacker to browse, add, change, or...
Google Map Landkarten,4.2.3,SQL Injection
Google Map Landkarten from joomla-24.de, versions 4.2.3 and previous, SQL Injection...
PT-2015-7572 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.2.3 Description: A race condition exists in the IPC object implementation, allowing local users to gain privileges. This occurs when an ipc_addid call is triggered, leading to comparisons of uid and gid against...