Riasztások

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2021-39275.

Mattermost Mobile Apps versions

In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be written to the Kubernetes script pod log in clear-text. This was identified in Version 2 however it was...

A incorrect privilege assignment in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, FortiManager versions 7.4.0 through 7.4.2,...

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0,...

The Multi Step Form plugin for WordPress is vulnerable to unauthorized limited file upload due to a missing capability check on the fw_upload_file AJAX action in all versions up to, and including,...

The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX fuctions in all versions up to, and including, 1.4.8 due to insufficient...

The Passwords Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pms_save_setting' and 'post_new_pass'...

The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX actions in all versions up to, and including, 1.4.8 due to insufficient...

The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to limited file uploads due to insufficient file type validation in the upload_file()...