Alerts

The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the functionality that automatically extracts 'ggpkg' files...

The Ultimate Gift Cards for WooCommerce – Create WooCommerce Gift Cards, Gift Vouchers, Redeem & Manage Digital Gift Coupons. Offer Gift Certificates, Schedule Gift Cards, and Use Advance Coupons...

The PDF Flipbook, 3D Flipbook—DearFlip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via outline settings in all versions up to 2.3.52 due to insufficient input sanitization and...

The Shipping via Planzer for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘processed-ids’ parameter in all versions up to, and including, 1.0.25 due to...

Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability,...

RedisTimeSeries is a time-series database (TSDB) module for Redis, by Redis. Executing one of these commands TS.QUERYINDEX, TS.MGET, TS.MRAGE, TS.MREVRANGE by an authenticated user, using specially...

RediSearch is a Redis module that provides querying, secondary indexing, and full-text search for Redis. An authenticated redis user executing FT.SEARCH or FT.AGGREGATE with a specially crafted...

An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL...

RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows...

Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks...