The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install-plugin REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows au ...
August 09, 2023
**Summary:** This fix upgrades to node 18.16.1. **Vulnerability Details:** **CVEID:** CVE-2023-30584 **DESCRIPTION:** Node.js could allow a remote attacker to bypass security restrictions, caused by ...
August 09, 2023
An update is available for module.mod_auth_openidc, cjose, module.cjose, mod_auth_openidc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a det ...
August 09, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Farmakom Remote Administration Console allows SQL Injection. This issue affects Remote Administrati ...
August 08, 2023
In PHOENIX CONTACT's TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within ...
August 08, 2023
In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use an attribute of a specific HTTP POST request related to date/time operations to ...
August 08, 2023