Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server (regreSSHion): July 2024
On July 1, 2024, the Qualys Threat Research Unit (TRU) disclosed an unauthenticated, remote code execution vulnerability that affects the OpenSSH server (sshd) in glibc-based Linux systems.
Medium - CVE-2022-3459 - The WooCommerce Multiple Free Gift plugin for...
The WooCommerce Multiple Free Gift plugin for WordPress is vulnerable to gift manipulation in all versions up to, and including, 1.2.3. This is due to plugin not enforcing server-side checks on the...
NA - CVE-2024-8271 - The The FOX – Currency Switcher Professional...
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1. This is due to the...
NA - CVE-2024-8775 - A flaw was found in Ansible, where sensitive...
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as...
NA - CVE-2024-8039 - Improper permission configurationDomain...
Improper permission configurationDomain configuration vulnerability of the mobile application (com.afmobi.boomplayer) can lead to account takeover risks.
High - CVE-2024-8246 - The Post Form – Registration Form – Profile...
The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to privilege escalation in all versions up...
High - CVE-2024-8479 - The The Simple Spoiler plugin for WordPress is...
The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in versions 1.2 to 1.3. This is due to the plugin adding the filter add_filter('comment_text',...
