GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the...
9.8CVSS
9.8AI Score
0.001EPSS
Canva – Design beautiful blog graphics <= 1.2.4 - Reflected Cross-Site Scripting
Description The Canva – Design beautiful blog graphics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
7.1CVSS
6.4AI Score
0.0004EPSS
reCAPTCHA Jetpack <= 0.2.2 - Stored XSS via CSRF
Description The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged-in admin add Stored XSS payloads via a CSRF...
5.9AI Score
0.0004EPSS
GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the...
9.8CVSS
9.9AI Score
0.001EPSS
In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop (containing a Sass::Inspect::operator()(Sass::String_Quoted*) stack frame) may cause a Denial of Service via crafted sass input files with stray '&' or '/' characters. NOTE: Upstream comments indicate this issue is.....
6.7AI Score
0.001EPSS
In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop (containing a Sass::Inspect::operator()(Sass::String_Quoted*) stack frame) may cause a Denial of Service via crafted sass input files with stray '&' or '/' characters. NOTE: Upstream comments indicate this issue is.....
6.5CVSS
6.4AI Score
0.001EPSS
In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop (containing a Sass::Inspect::operator()(Sass::String_Quoted*) stack frame) may cause a Denial of Service via crafted sass input files with stray '&' or '/' characters. NOTE: Upstream comments indicate this issue is.....
6.5CVSS
6.3AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: mm: turn folio_test_hugetlb into a PageType The current folio_test_hugetlb() can be fooled by a concurrent folio split into returning true for a folio which has never belonged to hugetlbfs. This can't happen if the caller holds a.....
6.5AI Score
0.0004EPSS
uthenticode is a small cross-platform library for partially verifying Authenticode digital signatures. Versions of uthenticode prior to the 2.x series did not check Extended Key Usages in certificates, in violation of the Authenticode X.509 certificate profile. As a result, a malicious user could.....
7.5CVSS
7.2AI Score
0.001EPSS
Exploit for Improper Authentication in Bluetooth Bluetooth Core Specification
README Repository about the BLUR attacks presented at...
7.6AI Score
LetterPress <= 1.2.2 - Subscriber Deletion via CSRF
Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks, such as delete arbitrary...
6.9AI Score
0.0004EPSS
Ungallery <= 2.2.4 - Stored XSS via CSRF
Description The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF...
5.9AI Score
0.0004EPSS
The WP Prayer WordPress plugin through 2.0.9 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF...
6.5AI Score
0.0004EPSS
WP Google Maps < 9.0.30 - Reflected Cross-Site Scripting
Description The plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an...
7.1CVSS
6.5AI Score
0.0004EPSS
7.8CVSS
0.1AI Score
0.0004EPSS
Google will start deleting location history
Google announced that it will reduce the amount of personal data it is storing by automatically deleting old data from "Timeline"—the feature that, previously named "Location History," tracks user routes and trips based on a phone’s location, allowing people to revisit all the places they've been.....
6.7AI Score
A week in security (May 6 – May 12)
Last week on Malwarebytes Labs: Dell notifies customers about data breach DocGo patient health data stolen in cyberattack Desperate Taylor Swift fans defrauded by ticket scams Tracing what went wrong in 2012 for today’s teens, with Dr. Jean Twenge: Lock and Code S04E10 Last week on ThreatDown: ...
7.4AI Score
CVE-2024-31232 WordPress Rehub theme <= 19.6.1 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sizam Design Rehub allows PHP Local File Inclusion.This issue affects Rehub: from n/a through...
8CVSS
7.9AI Score
0.0004EPSS
CVE-2024-31231 WordPress Rehub theme <= 19.6.1 - Unauthenticated Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sizam Design Rehub allows PHP Local File Inclusion.This issue affects Rehub: from n/a through...
9CVSS
9.2AI Score
0.0004EPSS
Add Custom CSS and JS <= 1.20 - Stored XSS via CSRF
Description The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in as author and above add Stored XSS payloads via a CSRF...
5.9AI Score
0.0004EPSS
ImageMagick 6.x < 6.9.8-10 / 7.x < 7.0.5-9 Multiple Vulnerabilities
The version of ImageMagick installed on the remote Windows host is 6.x prior to 6.9.8-10 or 7.x prior to 7.0.5-9. It is, therefore, affected by multiple vulnerabilities : A flaw exists in the ReadRLEImage() function within file coders/rle.c when reading image color maps due to issues ...
7.5CVSS
7.9AI Score
0.005EPSS
RHEL 5 : spamassassin (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. spamassassin: command injection via crafted configuration file (CVE-2020-1931) A denial of service...
8AI Score
0.009EPSS
Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro Edition Design software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
7.1AI Score
0.0004EPSS
Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro Edition Design software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
6.7AI Score
0.0004EPSS
Exploit for Command Injection in Paloaltonetworks Pan-Os
PAN Rapid Check Simple(you should probably just do this in...
7.2AI Score
Uncontrolled search path in some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
7.1AI Score
0.0004EPSS
openSUSE: Security Advisory for cJSON (openSUSE-SU-2024:0139-1)
The remote host is missing an update for...
7.5CVSS
7.5AI Score
0.001EPSS
CVE-2024-31232 WordPress Rehub theme <= 19.6.1 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sizam Design Rehub allows PHP Local File Inclusion.This issue affects Rehub: from n/a through...
8CVSS
6.9AI Score
0.0004EPSS
CVE-2024-31231 WordPress Rehub theme <= 19.6.1 - Unauthenticated Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sizam Design Rehub allows PHP Local File Inclusion.This issue affects Rehub: from n/a through...
9CVSS
6.9AI Score
0.0004EPSS
WP Chat App < 3.6.4 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admins to perform Cross-Site Scripting attacks even when unfiltered_html is...
6AI Score
0.0004EPSS
Vulnerability of defects introduced in the design process in the Control Panel module.Successful exploitation of this vulnerability may cause app processes to be started by...
6.6AI Score
0.0004EPSS
Vulnerability of defects introduced in the design process in the Control Panel module.Successful exploitation of this vulnerability may cause app processes to be started by...
6.7AI Score
0.0004EPSS
7.2CVSS
6.4AI Score
EPSS
The LetterPress WordPress plugin through 1.2.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks, such as delete arbitrary...
6.8AI Score
0.0004EPSS
KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover cleartext credentials via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic...
6.4AI Score
EPSS
KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover cleartext credentials via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic...
6.8AI Score
EPSS
openSUSE Security Update : teeworlds (openSUSE-2019-1793)
This update for teeworlds fixes the following issues : CVE-2019-10879: An integer overflow in CDataFileReader::Open() could have lead to a buffer overflow and possibly remote code execution, because size-related multiplications were mishandled. (boo#1131729) CVE-2019-10878: A...
9.8CVSS
9.6AI Score
0.055EPSS
Backstage is an open platform for building developer portals. The Backstage scaffolder-backend plugin uses a templating library that requires sandbox, as it by design allows for code injection. The library used for this sandbox so far has been vm2, but in light of several past vulnerabilities and.....
9.9CVSS
8.4AI Score
0.007EPSS
Fedora: Security Advisory for cyrus-imapd (FEDORA-2024-f3e0255c75)
The remote host is missing an update for...
6.5CVSS
6.6AI Score
0.0005EPSS
Uncontrolled search path in some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
6.7AI Score
0.0004EPSS
CVE-2024-26723 lan966x: Fix crash when adding interface under a lag
In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix crash when adding interface under a lag There is a crash when adding one of the lan966x interfaces under a lag interface. The issue can be reproduced like this: ip link add name bond0 type bond miimon 100 mode...
7.7AI Score
0.0004EPSS
KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover cleartext credentials via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic...
6.7AI Score
EPSS
KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover cleartext credentials via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic...
6.4AI Score
EPSS
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A at least to 7.20A.252.062. The (1) management SSH and (2) management TELNET features allow remote attackers to cause a denial of service (connection slot exhaustion)...
7.5CVSS
7.6AI Score
0.002EPSS
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be invoked from any...
6.9AI Score
0.0004EPSS
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A at least to 7.20A.252.062. The (1) management SSH and (2) management TELNET features allow remote attackers to cause a denial of service (connection slot exhaustion)...
7.6AI Score
0.002EPSS
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A at least to 7.20A.252.062. The (1) management SSH and (2) management TELNET features allow remote attackers to cause a denial of service (connection slot exhaustion)...
7.3AI Score
0.002EPSS
QNAP QuTS hero < 5.2.0 Log Spoofing Vulnerability
QNAP QuTS hero is prone to a log spoofing...
7.2CVSS
6.4AI Score
EPSS
WP Prayer <= 2.0.9 - Arbitrary Prayer Deletion via CSRF
Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks PoC Make and admin open a URL where `` is any valid prayer ID:...
6.4AI Score
0.0004EPSS
Fedora: Security Advisory for python-django3 (FEDORA-2024-84fbbbb914)
The remote host is missing an update for...
7.5CVSS
7.9AI Score
0.001EPSS