Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2023-25435: heap-buffer-overflow in extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753 (SIGSEGV) (#518) · Issues · libtiff / libtiff · GitLab

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753.

CVE
Open in Source
#windows#ubuntu#linux#git#c++#buffer_overflow#ssh
Nokia ASIKA 7.13.52 Private Key Disclosure

Nokia ASIKA version 7.13.52 suffers from a hard-coded private key disclosure vulnerability.

WordPress Super Socializer 7.13.52 Cross Site Scripting

WordPress Super Socializer plugin version 7.13.52 suffers from a cross site scripting vulnerability.

Accent Microcomputers CMS 2.4 Directory Traversal

Accent Microcomputers CMS version 2.4 suffers from a directory traversal vulnerability.

WordPress WP Sticky Social 1.0.1 CSRF / Cross Site Scripting

WordPress WP Sticky Social plugin version 1.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

A Cart 2.0 Database Disclosure

A Cart version 2.0 suffers from a database disclosure vulnerability.

3CX Open Standards Software IP PBX Thailand 2.0.3 Cross Site Scripting

3CX Open Standards Software IP PBX Thailand version 2.0.3 suffers from a cross site scripting vulnerability.

RHSA-2023:3740: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 Patch 1 release security update

Red Hat Integration Camel for Spring Boot 3.20.1 Patch 1 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20883: A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed behind a proxy that cache...

Alert! Hackers Exploiting Critical Vulnerability in VMware's Aria Operations Networks

VMware has flagged that a recently patched critical command injection vulnerability in Aria Operations for Networks (formerly vRealize Network Insight) has come under active exploitation in the wild. The flaw, tracked as CVE-2023-20887, could allow a malicious actor with network access to the product to perform a command injection attack, resulting in remote code execution. It impacts VMware

Mysterious Mystic Stealer Spreads Like Wildfire in Mere Months

A criminal crowd-sourcing campaign has led to swift adoption of the stealer, which can pilfer key computer data, credentials from browsers and chat apps, and cryptocurrency from multiple wallets.