Riasztások
2024. okt. 3.
NA - CVE-2024-45367 - The web server for ONS-S8 - Spectra Aggregation...
The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead to an attacker authenticating without a password.
2024. okt. 2.
NA - CVE-2024-21530 - Versions of the package cocoon before 0.4.0 are...
Versions of the package cocoon before 0.4.0 are vulnerable to Reusing a Nonce, Key Pair in Encryption when the encrypt, wrap, and dump functions are sequentially called. An attacker can generate...
2024. okt. 2.
NA - CVE-2024-33662 - Portainer before 2.20.2 improperly uses an...
Portainer before 2.20.2 improperly uses an encryption algorithm in the AesEncrypt function.
2024. okt. 2.
NA - CVE-2024-45186 - FileSender before 2.49 allows server-side...
FileSender before 2.49 allows server-side template injection (SSTI) for retrieving credentials.
2024. okt. 2.
High - CVE-2024-7855 - The WP Hotel Booking plugin for WordPress is...
The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_review() function in all versions up to, and including, 2.1.2....
2024. okt. 2.
NA - CVE-2024-7315 - The Migration, Backup, Staging WordPress...
The Migration, Backup, Staging WordPress plugin before 0.9.106 does not use sufficient randomness in the filename that is created when generating a backup, which could be bruteforced by attackers...
2024. okt. 2.
NA - CVE-2024-9174 - Stored HTML Injection in Social Module in...
Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI
2024. okt. 2.
NA - CVE-2024-9333 - Permissions bypass in M-Files Connector for...
Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited amount of documents via incorrect access control list calculation