Critical vulnerability discovered in popular CI/CD framework
via "ITPro".
Flaw in GoCD software delivery pipeline thought to have affected a host of NGOs and Fortune 500 companies.
Ransomware gang claims to have hacked the NRA
via "ITPro".
"Grief" gang says it has already leaked some of its stolen data to the dark web.
CVE-2020-25912
via "National Vulnerability Database".
An XML External Entity (XXE) vulnerability was discovered in symphony\lib\toolkit\class.xmlelement.php in Symphony 2.7.10 which can lead to information disclosure or denial of service (DoS).
CVE-2020-25911
via "National Vulnerability Database".
An XML External Entity (XXE) vulnerability was discovered in the modRestServiceRequest component in MODX CMS 2.7.3 which can lead to information disclosure or denial of service (DoS).
CVE-2021-33259
via "National Vulnerability Database".
Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing attackers to obtain users' DNS query history.
"Trojan Source" Bug Threatens the Security of All Code
via "Krebs on Security".
Virtually all compilers -- programs that transform human-readable source code into computer-executable machine code -- are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected, new research released today warns. The vulnerability disclosure was coordinated with multiple organizations, some of whom are now releasing updates to address the security weakness.
CVE-2021-24789
via "National Vulnerability Database".
The Flat Preloader WordPress plugin before 1.5.5 does not escape some of its settings when outputting them in an attribute in the frontend, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
CVE-2018-25019
via "National Vulnerability Database".
The LearnDash LMS WordPress plugin before 2.5.4 does not perform any authorisation or validation of the file to be uploaded in the learndash_assignment_process_init() function, which could allow unauthenticated users to upload arbitrary files to the web server.
CVE-2021-24793
via "National Vulnerability Database".
The WPeMatico RSS Feed Fetcher WordPress plugin before 2.6.12 does not escape the Feed URL added to a campaign before outputting it in an attribute, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
CVE-2021-24799
via "National Vulnerability Database".
The Far Future Expiry Header WordPress plugin before 1.5 does not have a CSRF check when saving its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack.
CVE-2021-24742
via "National Vulnerability Database".
The Logo Slider and Showcase WordPress plugin before 1.3.37 allows Editor users to update the plugin's settings via the rtWLSSettings AJAX action because it uses a nonce for authorisation instead of a capability check.
CVE-2021-24570
via "National Vulnerability Database".
The Accept Donations with PayPal WordPress plugin before 1.3.1 offers a function to create donation buttons, which internally are posts. The process to create a new button lacks a CSRF check. An attacker could use this to make an authenticated admin create a new button. Furthermore, one of the Button fields is not escaped before being output in an attribute when editing a Button, leading to a Stored Cross-Site Scripting issue as well.
CVE-2021-24624
via "National Vulnerability Database".
The MP3 Audio Player for Music, Radio & Podcast by Sonaar WordPress plugin before 2.4.2 does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to perform Cross-Site Scripting attacks.
CVE-2021-24682
via "National Vulnerability Database".
The Cool Tag Cloud WordPress plugin before 2.26 does not escape the style attribute of the cool_tag_cloud shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks.
CVE-2021-24794
via "National Vulnerability Database".
The Connections Business Directory WordPress plugin before 10.4.3 does not escape the Address settings when creating an Entry, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltered_html capability is disallowed.
CVE-2021-24572
via "National Vulnerability Database".
The Accept Donations with PayPal WordPress plugin before 1.3.1 provides a function to create donation buttons which are internally stored as posts. The deletion of a button is not CSRF protected and there is no control to check whether the deleted post was a button post. As a result, an attacker could make logged-in admins delete arbitrary posts.
CVE-2021-24715
via "National Vulnerability Database".
The WP Sitemap Page WordPress plugin before 1.7.0 does not properly sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
CVE-2021-24809
via "National Vulnerability Database".
The BP Better Messages WordPress plugin before 1.9.9.41 does not check for CSRF in several of its AJAX actions: bp_better_messages_leave_chat, bp_better_messages_join_chat, bp_messages_leave_thread, bp_messages_mute_thread, bp_messages_unmute_thread, bp_better_messages_add_user_to_thread, bp_better_messages_exclude_user_from_thread. This could allow attackers to make logged-in users perform unwanted actions.
CVE-2021-40348
via "National Vulnerability Database".
Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pairs. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.
CVE-2021-24770
via "National Vulnerability Database".
The Stylish Price List WordPress plugin before 6.9.1 does not perform capability checks in its spl_upload_ser_img AJAX action (available to authenticated users), which could allow any authenticated user, such as a subscriber, to upload arbitrary images.
CVE-2021-24773
via "National Vulnerability Database".
The WordPress Download Manager WordPress plugin before 3.2.16 does not escape some of the Download settings when outputting them, allowing high privilege users to perform XSS attacks even when the unfiltered_html capability is disallowed.