Alerts

The File Away plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check and missing file type validation in the upload() function in all versions up to, and...

An issue was discovered in Exasol jdbc driver 24.2.0. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to...

HCL MyXalytics is affected by concurrent login vulnerability. A concurrent login vulnerability occurs when simultaneous active sessions are allowed for a single credential allowing an attacker to...

Mattermost versions 9.11.x

Improper Input Validation vulnerability in Progress LoadMaster allows : Buffer OverflowThis issue affects: * LoadMaster: 7.2.40.0 and above * ECS: All versions * Multi-Tenancy: 7.1.35.4 and above

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. A high privileged...

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping containers running during daemon restarts, reducing attack...

The Exposure of Sensitive Information to an Unauthorized Actor vulnerability impacting Beta80 Life 1st Identity Manager allows User Enumeration using Authentication Rest APIs. Affected: Life 1st...

Use of a Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerability in...

Tenda AC7 V1.0 V15.03.06.44 found a buffer overflow caused by the timeZone parameter in the form_fast_setting_wifi_set function, which can cause RCE.