
Latest Vulnerabilities

In the past week, vulnerabilities were reported in several WordPress plugins, in OPNsense, and in a range of other packages and products. They include stored and reflected cross-site scripting (XSS), remote code execution (RCE), user enumeration, insecure direct object reference (IDOR), clickjacking, SQL injection, host header injection, and signature malleability. Depending on the flaw, an attacker could execute arbitrary code, inject scripts into other users' sessions, read sensitive data, or manipulate user records. Users of the affected software should update to the fixed versions and follow the security recommendations published by the respective developers.

The Font Awesome More Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'icon' shortcode in versions up to, and including, 3.5 due to insufficient input sanitization and outp...
The TM WooCommerce Compare & Wishlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'tm_woo_wishlist_table' shortcode in versions up to, and including, 1.1.7 due to insufficien...
OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard.
Versions of the package quill-mention before 4.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization, via the renderList function. **Note:** If the mentions list ...
The Font Awesome Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'fawesome' shortcode in versions up to, and including, 5.0 due to insufficient input sanitization and...
OPNsense before 23.7.5 allows XSS via the index.php column_count parameter to the Lobby Dashboard.
This affects versions of the package pydash before 6.0.0. A number of pydash methods such as pydash.objects.invoke() and pydash.collections.invoke_map() accept dotted paths (Deep Path Strings) to targ...
A host header injection vulnerability exists in gugoan's Economizzer v.0.9-beta1 and commit 3730880 (April 2023). By sending a specially crafted host header in the reset password request, it is possib...
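The Economizzer password-reset issue above is the classic host header injection pattern: the reset link is built from the request's Host header, so whoever triggers a reset for a victim's address also chooses the domain the victim's token is sent to. The following Go program is an added illustration, not Economizzer's code; the canonical origin `https://economizzer.example`, the `/forgot` and `/reset` paths, and the token value are constructed assumptions. It contrasts a builder that trusts `r.Host` with one that takes the origin from server-side configuration and rejects requests whose Host header does not match it.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
)

// sampleToken stands in for the per-user reset token (constructed value).
const sampleToken = "constructed-sample-token"

// VulnerableResetLink builds the link that goes into the reset e-mail from
// r.Host, i.e. from the Host header the client sent. Whoever requests a reset
// for a victim's address can therefore choose the domain the victim clicks on,
// and the token leaks to that domain.
func VulnerableResetLink(r *http.Request) string {
	return fmt.Sprintf("https://%s/reset?token=%s", r.Host, sampleToken)
}

// SafeResetLink takes the origin from server-side configuration (assumed
// canonicalOrigin, e.g. "https://economizzer.example") and refuses to serve
// the request at all if the Host header does not match it.
func SafeResetLink(canonicalOrigin string, r *http.Request) (string, error) {
	base, err := url.Parse(canonicalOrigin)
	if err != nil || base.Scheme == "" || base.Host == "" {
		return "", fmt.Errorf("invalid canonical origin %q", canonicalOrigin)
	}
	if r.Host != base.Host {
		return "", fmt.Errorf("rejecting request for unexpected host %q", r.Host)
	}
	link := *base
	link.Path = "/reset"
	link.RawQuery = url.Values{"token": {sampleToken}}.Encode()
	return link.String(), nil
}

// LinkForHost simulates one forgot-password request carrying the given Host
// header and returns what each builder would put in the e-mail.
func LinkForHost(host string) (vulnerable string, safe string, safeErr error) {
	req := httptest.NewRequest(http.MethodPost, "/forgot", nil)
	req.Host = host // the attacker-controlled header under test
	vulnerable = VulnerableResetLink(req)
	safe, safeErr = SafeResetLink("https://economizzer.example", req)
	return
}

func main() {
	for _, host := range []string{"economizzer.example", "attacker.example"} {
		v, s, err := LinkForHost(host)
		fmt.Printf("Host: %s\n  vulnerable builder: %s\n", host, v)
		if err != nil {
			fmt.Printf("  safe builder: rejected (%v)\n", err)
		} else {
			fmt.Printf("  safe builder: %s\n", s)
		}
	}
}
```

The Host check belongs in front of the whole application (a reverse proxy or a middleware), not only in the reset handler; the link builder should still never read the origin from the request.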
A remote code execution (RCE) vulnerability via an insecure file upload exists in gugoan's Economizzer v.0.9-beta1 and commit 3730880 (April 2023). A malicious attacker can upload a PHP web shell as a...
The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer has a user enumeration vulnerability in the login and forgot password functionalities. The app reacts differently when a user or e...
An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of ...
The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer is vulnerable to Clickjacking. Clickjacking, also known as a "UI redress attack", is when an attacker uses multiple transparent or...
Consensys gnark-crypto through 0.11.2 allows Signature Malleability. This occurs because deserialisation of EdDSA and ECDSA signatures does not ensure that the data is in a certain interval.
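The gnark-crypto entry above describes a deserialiser that does not confine r and s to the expected interval. The Go program below is an added example written for this page, not gnark-crypto's code, and uses only the standard library's P-256 ECDSA. It shows three things: that the standard verifier accepts both (r, s) and (r, n-s) for the same message, that a deserialiser which merely reduces modulo the group order turns s + n into a third valid byte encoding, and how a strict parser (range check plus the low-s rule) leaves exactly one accepted encoding. The message and function names are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"math/big"
)

// Signature is a raw ECDSA (r, s) pair as a deserialiser would hand it over.
type Signature struct {
	R, S *big.Int
}

// Malleate returns the second valid signature (r, n-s) for the same message and key.
func Malleate(curve elliptic.Curve, sig Signature) Signature {
	n := curve.Params().N
	return Signature{R: new(big.Int).Set(sig.R), S: new(big.Int).Sub(n, sig.S)}
}

// ParseLenient mirrors a deserialiser that only reduces modulo the group order.
// Every s' = s + k*n decodes to the same s, so one signature has many encodings.
func ParseLenient(curve elliptic.Curve, rBytes, sBytes []byte) Signature {
	n := curve.Params().N
	r := new(big.Int).Mod(new(big.Int).SetBytes(rBytes), n)
	s := new(big.Int).Mod(new(big.Int).SetBytes(sBytes), n)
	return Signature{R: r, S: s}
}

// ParseStrict enforces the interval checks: 1 <= r <= n-1, 1 <= s <= n-1, and
// the low-s rule s <= n/2, so that exactly one of (r, s) and (r, n-s) is accepted.
func ParseStrict(curve elliptic.Curve, rBytes, sBytes []byte) (Signature, error) {
	n := curve.Params().N
	halfN := new(big.Int).Rsh(n, 1)
	r := new(big.Int).SetBytes(rBytes)
	s := new(big.Int).SetBytes(sBytes)
	if r.Sign() <= 0 || r.Cmp(n) >= 0 {
		return Signature{}, errors.New("r outside [1, n-1]")
	}
	if s.Sign() <= 0 || s.Cmp(n) >= 0 {
		return Signature{}, errors.New("s outside [1, n-1]")
	}
	if s.Cmp(halfN) > 0 {
		return Signature{}, errors.New("s is not low-s; non-canonical encoding")
	}
	return Signature{R: r, S: s}, nil
}

// Demo signs a constructed message and reports whether the standard verifier
// accepts both (r, s) and (r, n-s), how many of the two ParseStrict accepts,
// and whether ParseLenient silently accepts the oversized encoding s + n.
func Demo() (bothVerify bool, strictAccepts int, lenientAcceptsOversized bool, err error) {
	curve := elliptic.P256()
	key, err := ecdsa.GenerateKey(curve, rand.Reader)
	if err != nil {
		return
	}
	digest := sha256.Sum256([]byte("constructed sample message"))
	r, s, err := ecdsa.Sign(rand.Reader, key, digest[:])
	if err != nil {
		return
	}
	orig := Signature{R: r, S: s}
	twin := Malleate(curve, orig)
	pub := &key.PublicKey

	// Go's ecdsa.Verify checks 1 <= r,s <= n-1 but not low-s, so both verify.
	bothVerify = ecdsa.Verify(pub, digest[:], orig.R, orig.S) &&
		ecdsa.Verify(pub, digest[:], twin.R, twin.S)

	for _, sig := range []Signature{orig, twin} {
		if _, perr := ParseStrict(curve, sig.R.Bytes(), sig.S.Bytes()); perr == nil {
			strictAccepts++
		}
	}

	// s + n: same residue mod n, different bytes; only the lenient parser takes it.
	oversized := new(big.Int).Add(orig.S, curve.Params().N)
	lenient := ParseLenient(curve, orig.R.Bytes(), oversized.Bytes())
	lenientAcceptsOversized = lenient.S.Cmp(orig.S) == 0 &&
		ecdsa.Verify(pub, digest[:], lenient.R, lenient.S)
	if _, perr := ParseStrict(curve, orig.R.Bytes(), oversized.Bytes()); perr == nil {
		err = errors.New("strict parser unexpectedly accepted s + n")
	}
	return
}

func main() {
	both, accepted, lenientOK, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("standard verifier accepts both (r,s) and (r,n-s): %v\n", both)
	fmt.Printf("strict parser accepts %d of the 2 encodings\n", accepted)
	fmt.Printf("lenient parser turns s+n into another valid encoding: %v\n", lenientOK)
}
```

Malleability matters wherever the signature bytes themselves are used as an identifier (transaction hashes, deduplication, replay caches): a verifier that accepts several encodings of one signature lets an attacker produce a "different" valid signature without the private key. The low-s rule is one convention for picking a canonical encoding; EdDSA has its own (S must be below the group order), which is the same range check in a different setting.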
A SQL injection vulnerability exists in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1. The cash book has a feature to list accomplishments by category, and the 'category_id' parameter...
WebCatalog before 49.0 is vulnerable to Incorrect Access Control. WebCatalog calls the Electron shell.openExternal function without verifying that the URL is for an http or https resource, in some cir...
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component.
An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter.
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the subcmd parameter in the index.php component.
An issue in Binalyze IREC.sys v.3.11.0 and before allows a local attacker to execute arbitrary code and escalate privileges via the fun_1400084d0 function in IREC.sys driver.
Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 2.0.
Important: Network Observability 1.4.0 for OpenShift
Red Hat Network Observability (NETOBSERV) for ARM 64
Red Hat Network Observability (NETOBSERV) for IBM Power, little endian
Red Hat Network Observability (NETOBSERV)
Red Hat Network Observability (NETOBSERV) for IBM Z and LinuxONE
USN-6369-2: libwebp vulnerability
ubuntu/libwebp6<0.6.1-2ubuntu0.18.04.2+esm1 (Ubuntu 18.04)
ubuntu/libwebpdemux2<0.6.1-2ubuntu0.18.04.2+esm1 (Ubuntu 18.04)
ubuntu/libwebpmux3<0.6.1-2ubuntu0.18.04.2+esm1 (Ubuntu 18.04)
An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, Proxmox Backup Server v.1.1 thru v.3.0, and Proxmox Mail Gateway v.7.1 thru v.8.0 allows a remote authenticated attacker to escal...
Buffer Overflow vulnerability in ZYXEL ZYXEL v.PMG2005-T20B allows a remote attacker to cause a denial of service via a crafted script to the uid parameter in the cgi-bin/login.asp component.
A stored cross-site scripting (XSS) vulnerability in the cms/content/edit component of YZNCMS v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the t...
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the ID parameter in the index.php component.
Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component.
Malicious code can be embedded in a JFinalCMS foreground message and saved in the database. When users browse the comments, the malicious code embedded in the HTML is executed and the user's browser w...
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component.
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component.
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the index.php component.
An issue in PGYER codefever v.2023.8.14-2ce4006 allows a remote attacker to execute arbitrary code via a crafted request to the branchList component.
Warpgate is a smart SSH, HTTPS and MySQL bastion host for Linux that doesn't need special client apps. The SSH key verification for a user can be bypassed by sending an SSH key offer without a signatu...
SQL injection exists in a newly created part of the JFinalCMS background (administration area): the parameters submitted by users are not filtered, so special characters in the parameters break the original ...
Impact: This vulnerability affects deployments of Imageflow that involve decoding or processing malicious source .webp files. If you only process your own trusted files, this should not affect you...
nuget/ImageResizer.Plugins.Imageflow<5.0.12
nuget/Imageflow.Server<0.8.2
nuget/Imageflow.NativeTool.osx_10_11-x86_64<2.0.0-preview8
nuget/Imageflow.NativeTool.ubuntu_18_04-x86_64<2.0.0-preview8
nuget/Imageflow.NativeTool.ubuntu_16_04-x86_64<2.0.0-preview8
nuget/Imageflow.NativeTool.ubuntu_18_04-x86_64-haswell<2.0.0-preview8
nuget/Imageflow.NativeRuntime.ubuntu_16_04-x86_64<2.0.0-preview8
nuget/Imageflow.NativeRuntime.osx_10_11-x86_64<2.0.0-preview8
nuget/Imageflow.NativeRuntime.ubuntu_18_04-x86_64<2.0.0-preview8
nuget/Imageflow.NativeRuntime.ubuntu_18_04-x86_64-haswell<2.0.0-preview8
nuget/Imageflow.NativeTool.ubuntu-x86_64-haswell<2.0.0-preview8
nuget/Imageflow.NativeTool.ubuntu-x86_64<2.0.0-preview8
nuget/Imageflow.NativeTool.win-x86<2.0.0-preview8
nuget/Imageflow.NativeTool.osx-x86_64<2.0.0-preview8
nuget/Imageflow.NativeTool.win-x86_64<2.0.0-preview8
nuget/Imageflow.NativeRuntime.ubuntu-x86_64-haswell<2.0.0-preview8
nuget/Imageflow.NativeRuntime.ubuntu-x86_64<2.0.0-preview8
nuget/Imageflow.NativeRuntime.win-x86<2.0.0-preview8
nuget/Imageflow.NativeRuntime.osx-x86_64<2.0.0-preview8
nuget/Imageflow.NativeRuntime.win-x86_64<2.0.0-preview8
nuget/Imageflow.AllPlatforms<0.10.2
matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Instances that have enabled transformation functions (those that have `generic.allowJsTransform...
JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could explo...
JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may...
Impact: Heap buffer overflow in `libwebp` allows a remote attacker to perform an out of bounds memory write via a crafted webp image. References: https://github.com/advisories/GHSA-j7hp-h8jx-...
npm/@napi-rs/image<1.7.0
The current regex implementation for parsing values in the module is susceptible to excessive backtracking, leading to potential DoS attacks. The regex implementation in question is as follows: ```js...
npm/get-func-name<2.0.1
Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scripting (XSS) via add category.
Sourcecodester Toll Tax Management System v1 is vulnerable to SQL Injection.
Impact: In Argo CD versions prior to 2.3 (starting at least in v0.1.0, but likely in any version using Helm before 2.3), using a specifically-crafted Helm file could reference external Helm charts ...
go/github.com/argoproj/argo-cd/v2<2.3.0
go/github.com/argoproj/argo-cd<=1.8.7
Argo CD is a declarative continuous deployment framework for Kubernetes. In Argo CD versions prior to 2.3 (starting at least in v0.1.0, but likely in any version using Helm before 2.3), using a specif...
go/github.com/argoproj/argo-cd/v2<2.3.0
go/github.com/argoproj/argo-cd<=1.8.7
Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross-site scripting, which could allow an attacker to run any JavaScript reference from the URL string. If th...
JumpServer is an open source bastion host. As an unauthenticated user, it is possible to authenticate to the core API with a username and an SSH public key without needing a password or the correspond...
JumpServer is an open source bastion host. The verification code for resetting user's password is vulnerable to brute-force attacks due to the absence of rate limiting. JumpServer provides a feature a...
Scylladb is a NoSQL data store using the seastar framework, compatible with Apache Cassandra. Authenticated users who are authorized to create tables in a keyspace can escalate their privileges to acc...
A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vul...
SecAlerts Pty Ltd.
Fortitude Valley,
QLD 4006, Australia
© Copyright 2023 - ABN: 70 645 966 203, ACN: 645 966 203