The Webform Report project 7.x-1.x-dev for Drupal allows remote attackers to view submissions by visiting the /rss.xml page. NOTE: This project is not covered by Drupal’s security advisory policy. Date published : 2020-12-31 https://www.drupal.org/project/webform_report/issues/3101410
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness. Date published : 2020-12-31 https://rustsec.org/advisories/RUSTSEC-2019-0034.html
An issue was discovered in the chacha20 crate before 0.2.3 for Rust. A ChaCha20 counter overflow makes it easier for attackers to determine plaintext. Date published : 2020-12-31 https://rustsec.org/advisories/RUSTSEC-2019-0029.html
An issue was discovered in the flatbuffers crate before 0.6.1 for Rust. Arbitrary bytes can be reinterpreted as a bool, defeating soundness. Date published : 2020-12-31 https://rustsec.org/advisories/RUSTSEC-2019-0028.html
An issue was discovered in the libsecp256k1 crate before 0.3.1 for Rust. Scalar::check_overflow allows a timing side-channel attack; consequently, attackers can obtain sensitive information. Date published : 2020-12-31 https://rustsec.org/advisories/RUSTSEC-2019-0027.html
An issue was discovered in the sodiumoxide crate before 0.2.5 for Rust. generichash::Digest::eq compares itself to itself and thus has degenerate security properties. Date published : 2020-12-31 https://rustsec.org/advisories/RUSTSEC-2019-0026.html
An issue was discovered in the serde_cbor crate before 0.10.2 for Rust. The CBOR deserializer can cause stack consumption via nested semantic tags. Date published : 2020-12-31 https://rustsec.org/advisories/RUSTSEC-2019-0025.html
An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and...
An issue was discovered in the XCloner Backup and Restore plugin before 4.2.153 for WordPress. It allows CSRF (via almost any endpoint). Date published : 2020-12-31 https://wpscan.com/vulnerability/10413 Critical Vulnerabilities Patched in XCloner Backup and...
An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution. If a quiz...
Common Weakness Enumeration, Software Assurance strategic initiative sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.OkPrivacy policy