CVE-2023-25837
There is a Cross-site Scripting vulnerability in Esri Portal Sites in versions 10.8.1 â 10.9 that may allow a remote, authenticated attacker to create a crafted link which when clicked could p ...
Continue Reading
July 21, 2023
CVE-2023-25836
There is a Cross-site Scripting vulnerability in Esri Portal Sites in versions 10.8.1 â 10.9 that may allow a remote, authenticated attacker to create a crafted link which when clicked could p ...
Continue Reading
July 21, 2023
Perimeter81 macOS Application Multiple Vulnerabilities
### Overview A command injection vulnerability can be used in the Perimeter81 macOS application to run arbitrary commands with administrative privileges. ### Description At the time, the latest Perime ...
Continue Reading
July 20, 2023
Cross-Site Request Forgery (CSRF)
Assembla Auth Plugin is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists due to lack of a state parameter in its OAuth flow which allows an attacker to trick a user into loggi ...
Continue Reading
July 20, 2023
Wordfence Intelligence Weekly WordPress Vulnerability Report (July 10, 2023 to July 16, 2023)
_**Note**: We accidentally sent out an email for this report with last weeks subject line. Due to the subject line not being very different week to week for this report, we opted to just leave it as i ...
Continue Reading
July 20, 2023
(RHSA-2023:4241) Moderate: Red Hat OpenShift Data Foundation 4.10.14 security and bug fix update
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, productio ...
Continue Reading
July 20, 2023
CVE-2023-37290
InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the available tags within its HTML to PDF conversion function, and allowing an unauthenticated attackers to loa ...
Continue Reading
July 20, 2023
CVE-2023-3779
The Essential Addons For Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 5.8.1 due to the plugin adding the API key to the source c ...
Continue Reading
July 20, 2023
CVE-2021-39822
Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current us ...
Continue Reading
July 20, 2023
CVE-2023-3779
The Essential Addons For Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 5.8.1 due to the plugin adding the API key to the source c ...
Continue Reading
July 20, 2023
