1036 matches found
PT-2025-7483 · Google +2 · Google Chrome +2
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 133.0.6943.126 Description: The issue allows a remote attacker to potentially exploit heap corruption via a crafted web app, due to a use after free in the Network component. The severity of this issue is...
CVE-2023-48277 WordPress Super Progressive Web Apps plugin <= 2.2.21 - Broken Access Control vulnerability
Missing Authorization vulnerability in SuperPWA Super Progressive Web Apps super-progressive-web-apps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Progressive Web Apps: from n/a through = 2.2.21...
CVE-2023-48277 WordPress Super Progressive Web Apps plugin <= 2.2.21 - Broken Access Control vulnerability
Missing Authorization vulnerability in SuperPWA Super Progressive Web Apps super-progressive-web-apps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Progressive Web Apps: from n/a through = 2.2.21...
WordPress plugin Super Progressive Web Apps 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...
Oracle Application Testing Suite (October 2024 CPU)
The versions of Oracle Application Testing Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps...
CVE-2024-45601
Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...
CVE-2024-45601 Local file Inclusion via static file serving functionality in Mesop
Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...
CVE-2024-45601 Local file Inclusion via static file serving functionality in Mesop
Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...
CVE-2024-45601 Local file Inclusion via static file serving functionality in Mesop
Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...
Security Updates for Microsoft Office Online Server (September 2024)
The Microsoft Office Web Apps installation on the remote host is missing a security update. It is, therefore, affected by the following: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2024-43465 Note that Nessus has not tested for this iss...
CVE-2024-38194
An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network...
CVE-2024-38194 Azure Web Apps Elevation of Privilege Vulnerability
...
CVE-2024-38194
CVE-2024-38194 represents an Elevation of Privilege vulnerability in Azure Web Apps caused by improper authorization. The CVE is cited as enabling an authenticated attacker to elevate privileges over a network. Connected sources corroborate Azure Web Apps as the affected product and indicate Micr...
CVE-2024-38194 Azure Web Apps Elevation of Privilege Vulnerability
...
Azure Web Apps Elevation of Privilege Vulnerability
An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network...
KLA73221 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Azure CycleCloud can be exploited remotely to execute...
PT-2024-27899 · Microsoft · Azure Web Apps
Name of the Vulnerable Software and Affected Versions: Azure Web Apps affected versions not specified Description: An authenticated attacker can exploit an improper authorization issue in Azure Web Apps to elevate privileges over a network. Recommendations: At the moment, there is no information...
New Phishing Attacks Target Eastern European Bank Users on iOS and Android
Cybercriminals exploit Progressive Web Apps PWAs in the latest phishing scam, targeting mobile users in Czechia, Hungary, and…...
An AWS Configuration Issue Could Expose Thousands of Web Apps
Amazon has updated its instructions for how customers should more securely implement AWS's traffic-routing service known as Application Load Balancer, but it's not clear everyone will get the memo...
CVE-2024-39903
Solara is a pure Python, React-style framework for scaling Jupyter and web apps. A Local File Inclusion LFI vulnerability was identified in widgetti/solara, in version 1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI...