‼ CVE-2023-1925 ‼
via "National Vulnerability Database".
The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_clear_cache_of_allsites_callback function. This makes it possible for unauthenticated attackers to clear caches via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
‼ CVE-2023-1928 ‼
via "National Vulnerability Database".
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfc_preload_single_callback function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers with subscriber-level access to initiate cache creation.
‼ CVE-2023-1921 ‼
via "National Vulnerability Database".
The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_start_cdn_integration_ajax_request_callback function. This makes it possible for unauthenticated attackers to change cdn settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
‼ CVE-2023-1919 ‼
via "National Vulnerability Database".
The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_preload_single_save_settings_callback function. This makes it possible for unauthenticated attackers to change cache-related settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
‼ CVE-2023-29017 ‼
via "National Vulnerability Database".
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Prior to version 3.9.15, vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors. A threat actor could bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.15 of vm2. There are no known workarounds.
‼ CVE-2023-1931 ‼
via "National Vulnerability Database".
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the deleteCssAndJsCacheToolbar function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers with subscriber-level access to perform cache deletion.
‼ CVE-2023-1923 ‼
via "National Vulnerability Database".
The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfc_remove_cdn_integration_ajax_request_callback function. This makes it possible for unauthenticated attackers to change cdn settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
🕴 Fight AI With AI 🕴
via "Dark Reading".
By developing new tools to defend against adversarial AI, companies can help ensure that AI is developed and used in a responsible and safe manner.
‼ CVE-2023-29475 ‼
via "National Vulnerability Database".
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23543.
‼ CVE-2023-29473 ‼
via "National Vulnerability Database".
webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23710.
‼ CVE-2023-29474 ‼
via "National Vulnerability Database".
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552.
‼ CVE-2023-25214 ‼
via "National Vulnerability Database".
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
‼ CVE-2023-29478 ‼
via "National Vulnerability Database".
BiblioCraft before 2.4.6 does not sanitize path-traversal characters in filenames, allowing restricted write access to almost anywhere on the filesystem. This includes the Minecraft mods folder, which results in code execution.
‼ CVE-2023-25215 ‼
via "National Vulnerability Database".
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
‼ CVE-2023-25212 ‼
via "National Vulnerability Database".
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetWirelessRepeat function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
‼ CVE-2023-25211 ‼
via "National Vulnerability Database".
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
‼ CVE-2023-27014 ‼
via "National Vulnerability Database".
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_46AC38 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
‼ CVE-2023-27015 ‼
via "National Vulnerability Database".
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_4A75C0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
‼ CVE-2023-25219 ‼
via "National Vulnerability Database".
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
‼ CVE-2023-27018 ‼
via "National Vulnerability Database".
Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_45EC1C function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
‼ CVE-2023-25220 ‼
via "National Vulnerability Database".
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the add_white_node function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.