Aggregator

A vulnerability classified as problematic was found in Hiroaki Miyashita Custom Field Template Plugin up to 2.6.5 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-44062. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in JoomUnited WP Meta SEO Plugin up to 4.5.13 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-45455. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Spiffy Plugins Spiffy Calendar Plugin up to 4.9.13 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-45458. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Spiffy Plugins Spiffy Calendar Plugin up to 4.9.13 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-45457. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in MediaRon Custom Query Blocks Plugin up to 5.3.1 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-44059. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in CryoutCreations Parabola Plugin up to 2.4.1 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-44058. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in CryoutCreations Nirvana Plugin up to 1.6.3 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-44057. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in PickPlugins Product Slider for WooCommerce Plugin up to 1.13.50 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-45459. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in webdesproxy 0.0.1. Affected by this issue is the function process_connection_request of the file webdesproxy.c. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2007-2668. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Notepad++ up to 4.1.1. Affected by this vulnerability is an unknown functionality of the file LexRuby.cxx of the component Source File Handler. The manipulation leads to memory corruption. This vulnerability is known as CVE-2007-2666. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to disable the affected component.

A vulnerability was found in EfesTECH Haber 5.0. It has been classified as critical. This affects an unknown part of the file default.asp. The manipulation of the argument id leads to sql injection. This vulnerability is uniquely identified as CVE-2007-2662. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in PrecisionID Barcode 1.3. This vulnerability affects unknown code in the library precisionid_datamatrix.dll of the component ActiveX Control. The manipulation leads to denial of service. This vulnerability was named CVE-2007-2657. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in GNOME Structured File Library 1.14.41 and classified as problematic. This issue affects the function tar_directory_for_file of the file gsf-infile-tar.c of the component TAR File Handler. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2016-9888. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

U.S. CISA adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilitie

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, … More →

The post Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days appeared first on Help Net Security.

世界第二大富豪短暂易主：甲骨文创始人埃里森身家一度超越贝索斯9 月 14 日消息，随着甲骨文（Oracle）作股价持续攀升，公司创始人兼董事长拉里・埃里森的财富也水涨船高。周五，甲骨文股价开盘大涨 7

260 万人使用，生成超 2700 万个视频。作者 | 甘德编辑 | 郑玄备受期待的「草莓大模型」最终以 o1 为名正式发布，预示着今年下半年的大模型竞争将再度升温。尽管 OpenAI 这次没有提及