Tagged: Cybersecurity Alert

The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes...

The CodeColorer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class’ parameter in ‘cc’ comment shortcode in versions up to, and including, 0.10.1 due to insufficient input sanitization and output escaping....

The WP Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpdocs_options[icon_size]’ parameter in all versions up to, and including, 2.2.9 due to insufficient input sanitization and output escaping. This makes...

MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files. More information : https://www.twcert.org.tw/en/cp-139-10843-9ff91-2.html

WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges on the local machine as well as on all hosts within the...

The  iSherlock developed by HGiga  has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server. More information : https://www.twcert.org.tw/en/cp-139-10841-4f504-2.html

MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program’s execution flow and execute arbitrary code. More information : https://www.twcert.org.tw/en/cp-139-10843-9ff91-2.html

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘su_box’ shortcode in all versions up to, and including, 7.4.9 due to insufficient input sanitization...

radare2 before 9236f44, when configured on UNIX without SSL, allows command injection via a PDB name to rabin2 -PP. NOTE: although users are supposed to use the latest version from git (not a release),...

A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member Center(华硕大厅) allows a local user to achieve privilege escalation to Administrator via exploitation of a Time-of-check Time-of-use (TOC-TOU) during...

An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to...

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c. More information : https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/22348

The WP YouTube Lyte plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘lyte’ shortcode in all versions up to, and including, 1.7.29 due to insufficient input sanitization and output escaping...

Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in the gravity_vm_exec function that allows attackers to write out-of-bounds memory by crafting scripts with many string literals at global scope. Attackers can exploit...