‼️CVE-2023-52305‼️
Via "National Vulnerability Database"
FPE (floating-point exception) in paddle.topk in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
‼️CVE-2023-52306‼️
FPE in paddle.lerp in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
‼️CVE-2023-52307‼️
Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
‼️CVE-2023-52308‼️
FPE in paddle.amin in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
‼️CVE-2023-52309‼️
Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or possibly more damage.
‼️CVE-2023-52310‼️
PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.
‼️CVE-2023-52311‼️
PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system.
‼️CVE-2023-52312‼️
Nullptr dereference in paddle.crop in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
‼️CVE-2023-52313‼️
FPE in paddle.argmin and paddle.argmax in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
‼️CVE-2023-52314‼️
PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating system.
‼️CVE-2023-6621‼️
The POST SMTP WordPress plugin before 2.8.7 does not sanitise and escape the msg parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
‼️CVE-2023-6747‼️
The Best WordPress Gallery Plugin FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attributes in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping. This makes it possible for contributors and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
‼️CVE-2023-6984‼️
The PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.13. This is due to missing or incorrect nonce validation in the powerpack-lite-for-elementor/classes/class-pp-admin-settings.php file. This makes it possible for unauthenticated attackers to modify and reset plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
‼️CVE-2023-7068‼️
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on theprintpackinglist action in all versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to export orders which can contain sensitive information.
‼️CVE-2023-51784‼️
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issue affects Apache InLong from 1.5.0 through 1.9.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.10.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/9329
‼️CVE-2023-51785‼️
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong from 1.7.0 through 1.9.0; attackers can mount an arbitrary file read attack using the MySQL driver. Users are advised to upgrade to Apache InLong's 1.10.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/9331
‼️CVE-2024-0201‼️
The Product Expiry for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_settings' function in versions up to, and including, 2.5. This makes it possible for authenticated attackers, with subscriber-level permissions or above, to update plugin settings.
‼️CVE-2023-37608‼️
An issue in Automatic Systems SOC FL9600 FastLine v.lego_T04E00 allows a remote attacker to obtain sensitive information via the admin login credentials.
‼️CVE-2023-39655‼️
A host header injection vulnerability exists in the NPM package @perfood/couch-auth versions <= 0.20.0. By sending a specially crafted host header in the forgot password request, it is possible to send password reset links to users which, once clicked, lead to an attacker-controlled server and thus leak the password reset token. This may allow an attacker to reset other users' passwords and take over their accounts.
‼️CVE-2023-50092‼️
APIIDA API Gateway Manager for Broadcom Layer7 v2023.2 is vulnerable to Cross Site Scripting (XSS).
‼️CVE-2023-37607‼️
Directory Traversal in Automatic-Systems SOC FL9600 FastLine lego_T04E00 allows a remote attacker to obtain sensitive information.