CVE-2023-4599

The Slimstat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'eeb_mailto' shortcode in versions up to, and including, 2.1.7 due to insufficient input sanitization a ...

Continue Reading

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-4596

The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in ve ...

Continue Reading

CVSS3 - CRITICAL

CVSS2 - HIGH

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

## Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Google Guava and Apache James MIM ...

Continue Reading

CVSS3 - CRITICAL

CVSS2 - HIGH

Security Bulletin: gRPC component is vulnerable to CVE-2023-32731 is used by IBM Maximo Application Suite

## Summary IBM Maximo Application Suite uses gRPC package which is vulnerable to CVE-2023-32731. ## Vulnerability Details ** CVEID: **[CVE-2023-32731]() ** DESCRIPTION: **gRPC could allow a remote att ...

Continue Reading

CVSS3 - HIGH

CVSS2 - MEDIUM

Security Bulletin: Operations Dashboard is vulnerable to remote code execution, privilege escalation, and denial of service due to multiple Go vulnerabilities

## Summary Operations Dashboard is vulnerable to remote code execution, privilege escalation, and denial of service due to multiple Go vulnerabilities with details below (CVE-2023-29405, CVE-2023-2940 ...

Continue Reading

CVSS3 - CRITICAL

CVSS2 - HIGH

CVE-2023-0921

A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an authenticated attacker to create a large Issue descri ...

Continue Reading

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-38028

Saho’s attendance devices ADM100 and ADM-100FP have insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication to read system informat ...

Continue Reading

CVSS3 - CRITICAL

CVSS2 - MEDIUM

CVE-2023-38029

Saho’s attendance devices ADM100 and ADM-100FP has insufficient filtering for special characters and file type within their file uploading function. A unauthenticate remote attacker authenticated ...

Continue Reading

CVSS3 - CRITICAL

CVSS2 - HIGH

Back to Main

Subscribe for the latest news: