What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-02 11:15:09 | CVE-2021-24459 (lien direct) | The get_results() and get_items() functions in the Survey Maker WordPress plugin before 1.5.6 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard | Guideline | ||
|
2021-08-02 11:15:09 | CVE-2021-24461 (lien direct) | The get_faqs() function in the FAQ Builder AYS WordPress plugin before 1.3.6 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard | Guideline | ||
|
2021-08-02 11:15:09 | CVE-2021-24464 (lien direct) | The YouTube Embed, Playlist and Popup by WpDevArt WordPress plugin before 2.3.9 did not escape, validate or sanitise some of its shortcode options, available to users with a role as low as Contributor, leading to an authenticated Stored Cross-Site Scripting issue. | Guideline | ||
|
2021-08-02 11:15:09 | CVE-2021-24463 (lien direct) | The get_sliders() function in the Image Slider by Ays- Responsive Slider and Carousel WordPress plugin before 2.5.0 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard | Guideline | ||
|
2021-08-02 11:15:09 | CVE-2021-24448 (lien direct) | The User Registration & User Profile – Profile Builder WordPress plugin before 3.4.8 does not sanitise or escape its 'Modify default Redirect Delay timer' setting, allowing high privilege users to use JavaScript code in it, even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue | Guideline | ||
|
2021-08-02 11:15:09 | CVE-2021-24444 (lien direct) | The TaxoPress – Create and Manage Taxonomies, Tags, Categories WordPress plugin before 3.7.0.2 does not sanitise its Taxonomy description field, allowing high privilege users to set JavaScript payload in them even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue. | Guideline | ||
|
2021-08-02 11:15:09 | CVE-2021-24462 (lien direct) | The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin before 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard | Guideline | ||
|
2021-08-02 11:15:09 | CVE-2021-24450 (lien direct) | The User Registration, User Profiles, Login & Membership – ProfilePress (Formerly WP User Avatar) WordPress plugin before 3.1.8 did not sanitise or escape some of its settings before saving them and outputting them back in the page, allowing high privilege users such as admin to set JavaScript payloads in them even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue | Guideline | ||
|
2021-08-02 11:15:09 | CVE-2021-24455 (lien direct) | The Tutor LMS – eLearning and online course solution WordPress plugin before 1.9.2 did not escape the Summary field of Announcements (when outputting it in an attribute), which can be created by users as low as Tutor Instructor. This lead to a Stored Cross-Site Scripting issue, which is triggered when viewing the Announcements list, and could result in privilege escalation when viewed by an admin. | Guideline | ||
|
2021-08-02 11:15:09 | CVE-2021-24460 (lien direct) | The get_fb_likeboxes() function in the Popup Like box – Page Plugin WordPress plugin before 3.5.3 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard | Guideline | ||
|
2021-08-02 11:15:09 | CVE-2021-24457 (lien direct) | The get_portfolios() and get_portfolio_attributes() functions in the class-portfolio-responsive-gallery-list-table.php and class-portfolio-responsive-gallery-attributes-list-table.php files of the Portfolio Responsive Gallery WordPress plugin before 1.1.8 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard | Guideline | ||
|
2021-08-02 11:15:08 | CVE-2021-24425 (lien direct) | The Floating Notification Bar, Sticky Menu on Scroll, and Sticky Header for Any Theme – myStickymenu WordPress plugin before 2.5.2 does not sanitise or escape its Bar Text settings, allowing hight privilege users to use malicious JavaScript in it, leading to a Stored Cross-Site Scripting issue, which will be triggered in the plugin's setting, as well as all front-page of the blog (when the Welcome bar is active) | Guideline | ||
|
2021-08-02 11:15:08 | CVE-2021-24428 (lien direct) | The RSS for Yandex Turbo WordPress plugin through 1.30 does not sanitise or escape some of its settings before saving and outputing them in the admin dashboard, leading to an Authenticated Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed. | Guideline | ||
|
2021-08-02 11:15:08 | CVE-2021-24430 (lien direct) | The Speed Booster Pack âš¡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its caching_exclude_urls and caching_include_query_strings settings before outputting them in a PHP file, which could lead to RCE | Guideline | ||
|
2021-07-30 14:15:18 | CVE-2021-37600 (lien direct) | An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. | Guideline | ||
|
2021-07-30 14:15:17 | CVE-2021-35472 (lien direct) | An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users. | Guideline | ||
|
2021-07-28 13:15:08 | CVE-2020-5004 (lien direct) | IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192957. | Vulnerability Guideline | ||
|
2021-07-28 13:15:08 | CVE-2020-4974 (lien direct) | IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 192434. | Guideline | ||
|
2021-07-27 22:15:07 | CVE-2021-32796 (lien direct) | xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. This issue has been resolved in version 0.7.0. As a workaround downstream applications can validate the input and reject the maliciously crafted documents. | Guideline | ||
|
2021-07-27 12:15:07 | CVE-2021-20562 (lien direct) | IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 and 6.1.0.0 through 6.1.0.2 vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199232. | Vulnerability Guideline | ||
|
2021-07-26 22:15:08 | CVE-2020-18430 (lien direct) | tinyexr 0.9.5 was discovered to contain an array index error in the tinyexr::DecodeEXRImage component, which can lead to a denial of service (DOS). | Guideline | ||
|
2021-07-26 22:15:08 | CVE-2020-18428 (lien direct) | tinyexr commit 0.9.5 was discovered to contain an array index error in the tinyexr::SaveEXR component, which can lead to a denial of service (DOS). | Guideline | ||
|
2021-07-26 17:15:08 | CVE-2021-32791 (lien direct) | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, the AES GCM encryption in mod_auth_openidc uses a static IV and AAD. It is important to fix because this creates a static nonce and since aes-gcm is a stream cipher, this can lead to known cryptographic issues, since the same key is being reused. From 2.4.9 onwards this has been patched to use dynamic values through usage of cjose AES encryption routines. | Guideline | ★★★ | |
|
2021-07-26 16:15:07 | CVE-2021-32631 (lien direct) | Common is a package of common modules that can be accessed by NIMBLE services. Common before commit number 3b96cb0293d3443b870351945f41d7d55cb34b53 did not properly verify the signature of JSON Web Tokens. This allows someone to forge a valid JWT. Being able to forge JWTs may lead to authentication bypasses. Commit number 3b96cb0293d3443b870351945f41d7d55cb34b53 contains a patch for the issue. As a workaround, one may use the parseClaimsJws method to correctly verify the signature of a JWT. | Guideline | ||
|
2021-07-26 12:15:08 | CVE-2021-22144 (lien direct) | In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node. | Vulnerability Guideline | ||
|
2021-07-25 22:15:08 | CVE-2021-37444 (lien direct) | NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file for the the inbuilt Autodial function. | Guideline | ★★ | |
|
2021-07-23 01:15:07 | CVE-2021-24036 (lien direct) | Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affects versions of folly prior to v2021.07.22.00. This issue affects HHVM versions prior to 4.80.5, all versions between 4.81.0 and 4.102.1, all versions between 4.103.0 and 4.113.0, and versions 4.114.0, 4.115.0, 4.116.0, 4.117.0, 4.118.0 and 4.118.1. | Guideline | ||
|
2021-07-22 22:15:08 | CVE-2021-32786 (lien direct) | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9, `oidc_validate_redirect_url()` does not parse URLs the same way as most browsers do. As a result, this function can be bypassed and leads to an Open Redirect vulnerability in the logout functionality. This bug has been fixed in version 2.4.9 by replacing any backslash of the URL to redirect with slashes to address a particular breaking change between the different specifications (RFC2396 / RFC3986 and WHATWG). As a workaround, this vulnerability can be mitigated by configuring `mod_auth_openidc` to only allow redirection whose destination matches a given regular expression. | Vulnerability Guideline | ★★★★ | |
|
2021-07-22 05:15:08 | CVE-2021-1095 (lien direct) | NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service. | Vulnerability Guideline | ||
|
2021-07-22 05:15:08 | CVE-2021-1096 (lien direct) | NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where dereferencing a NULL pointer may lead to a system crash. | Vulnerability Guideline | ||
|
2021-07-22 05:15:08 | CVE-2021-1094 (lien direct) | NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure. | Vulnerability Guideline | ||
|
2021-07-22 05:15:07 | CVE-2021-1093 (lien direct) | NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash. | Vulnerability Guideline | ||
|
2021-07-22 05:15:07 | CVE-2021-1089 (lien direct) | NVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled DLL loading path may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | Vulnerability Guideline | ★★★★★ | |
|
2021-07-22 05:15:07 | CVE-2021-1090 (lien direct) | NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for control calls where the software reads or writes to a buffer by using an index or pointer that references a memory location after the end of the buffer, which may lead to data tampering or denial of service. | Vulnerability Guideline | ★★ | |
|
2021-07-21 18:15:09 | CVE-2020-19492 (lien direct) | There is a floating point exception in ReadImage that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact. | Guideline | ★★★★ | |
|
2021-07-21 18:15:09 | CVE-2020-19491 (lien direct) | There is an invalid memory access bug in cgif.c that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact. | Guideline | ★★★ | |
|
2021-07-21 15:16:20 | CVE-2021-34619 (lien direct) | The WooCommerce Stock Manager WordPress plugin is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Upload in versions up to, and including, 2.5.7 due to missing nonce and file validation in the /woocommerce-stock-manager/trunk/admin/views/import-export.php file. | Guideline | ||
|
2021-07-21 15:16:20 | CVE-2021-37159 (lien direct) | hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. | Guideline | ||
|
2021-07-21 15:15:15 | CVE-2021-22774 (lien direct) | A CWE-759: Use of a One-Way Hash without a Salt vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that could lead an attacker to get knowledge of charging station user account credentials using dictionary attacks techniques. | Vulnerability Guideline | ||
|
2021-07-21 15:15:13 | CVE-2021-20106 (lien direct) | Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host. | Vulnerability Guideline | ||
|
2021-07-21 03:15:07 | CVE-2021-1100 (lien direct) | NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia.ko), in which a pointer to a user-space buffer is not validated before it is dereferenced, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8). | Vulnerability Guideline | ||
|
2021-07-21 03:15:07 | CVE-2021-1101 (lien direct) | NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8). | Vulnerability Guideline | ||
|
2021-07-21 03:15:07 | CVE-2021-1103 (lien direct) | NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8). | Vulnerability Guideline | ||
|
2021-07-21 03:15:07 | CVE-2021-1102 (lien direct) | NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can lead to floating point exceptions, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8). | Vulnerability Guideline | ||
|
2021-07-21 03:15:07 | CVE-2021-1099 (lien direct) | NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. Such an attack may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8). | Vulnerability Guideline | ||
|
2021-07-21 03:15:06 | CVE-2021-1098 (lien direct) | NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doesn't release some resources during driver unload requests from guests. This flaw allows a malicious guest to perform operations by reusing those resources, which may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8). | Vulnerability Guideline | ||
|
2021-07-21 03:15:06 | CVE-2021-1097 (lien direct) | NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it improperly validates the length field in a request from a guest. This flaw allows a malicious guest to send a length field that is inconsistent with the actual length of the input, which may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8). | Vulnerability Guideline | ||
|
2021-07-20 19:15:09 | CVE-2021-33909 (lien direct) | fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. | Guideline | ||
|
2021-07-20 12:15:07 | CVE-2020-15660 (lien direct) | Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution. | Guideline | ||
|
2021-07-19 22:15:09 | CVE-2020-29503 (lien direct) | Dell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file permission Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the information disclosure of certain system directory. | Guideline |
To see everything:
Our RSS (filtrered)
