150 matches found
SUSE CVE-2026-40223
In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User= unit exists and is running...
PT-2026-31932
In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User= unit exists and is running...
"Getting to Yes": An Anti-Sales Guide for MSPs
Most MSPs and MSSPs know how to deliver effective security. The challenge is helping prospects understand why it matters in business terms. Too often, sales conversations stall because prospects are overwhelmed, skeptical, or tired of fear-based messaging. That's why we created "Getting to Yes": ...
Improper Warning Message Handling
@anthropic-ai/claude-code is vulnerable to improper warning message handling. The vulnerability is due to an unclear trust prompt that failed to inform users that selecting “Yes, proceed” would execute files in the folder without further confirmation, which allows an attacker to trick users into...
CVE-2025-54112
creationtimestamp| type| source ---|---|--- 2025-09-09 16:22:30+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2025-0277 2025-09-09 17:06:15+00:00| seen| https://www.thezdi.com/blog/2025/9/9/the-september-2025-security-update-review...
CVE-2021-24360
The Yes/No Chart WordPress plugin before 1.0.12 did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users contributor+ to perform Blind SQL Injection attacks...
WordPress Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com plugin <= 3.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com versions = 3.3...
[SECURITY] [DSA 5828-1] python-aiohttp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5828-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 11, 2024 https://www.debian.org/security/faq -...
yes-ticket.de Cross Site Scripting vulnerability OBB-3715351
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
yes-school.de Cross Site Scripting vulnerability OBB-3711669
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
yes-school.de Cross Site Scripting vulnerability OBB-3269181
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
yes-trade.com Cross Site Scripting vulnerability OBB-3252287
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SUSE CVE-2018-5738
Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended and documented behavior is that if an operator has not specified a value for the...
yes-you.nl Cross Site Scripting vulnerability OBB-3061640
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
elearning.yes.edu.my Cross Site Scripting vulnerability OBB-2917727
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Yes/No Chart WordPress plugin SQL Injection Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.Yes/No Chart is a plugin for WordPress. Yes/No Chart WordPress plugin version prior to 1.0.12 suffers from a SQL injection...
CVE-2021-24360
The Yes/No Chart WordPress plugin before 1.0.12 did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users contributor+ to perform Blind SQL Injection attacks...
CVE-2021-24360
The Yes/No Chart WordPress plugin before 1.0.12 did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users contributor+ to perform Blind SQL Injection attacks...
CVE-2021-24360
Yes/No Chart WordPress plugin (before 1.0.12) is vulnerable due to unsanitized sid shortcode parameter used in SQL statements, enabling blind SQL injection by medium-privilege users (contributor+). Root cause: input not sanitized before query construction. Impact: potential data exposure through ...
CVE-2021-24360 Yes/No Chart < 1.0.12 - Authenticated (contributor+) Blind SQL Injection
The Yes/No Chart WordPress plugin before 1.0.12 did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users contributor+ to perform Blind SQL Injection attacks...