Tag: Bulletins

Vulnerability Summary for the Week of January 13, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Campaign Management System Platform for Women  A vulnerability was found in 1000 Projects Campaign Management System Platform for Women 1.0. It has been declared as critical. Affected by…

Read more →

Vulnerability Summary for the Week of January 6, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 5centsCDN–5centsCDN  Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in 5centsCDN 5centsCDN allows Reflected XSS.This issue affects 5centsCDN: from n/a through 24.8.16. 2025-01-07 7.1 CVE-2025-22326 a3rev–Compare…

Read more →

Vulnerability Summary for the Week of December 30, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 10CentMail–10CentMail  Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in 10CentMail allows Reflected XSS.This issue affects 10CentMail: from n/a through 2.1.50. 2025-01-02 7.1 CVE-2024-56030 2100 Technology…

Read more →

Vulnerability Summary for the Week of December 23, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Attendance Tracking Management System  A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been rated as critical. This issue affects some unknown processing…

Read more →

Vulnerability Summary for the Week of December 16, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Attendance Tracking Management System  A vulnerability has been found in 1000 Projects Attendance Tracking Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown…

Read more →

Vulnerability Summary for the Week of December 9, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info n/a — n/a   The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation due to a…

Read more →

Vulnerability Summary for the Week of December 2, 2024

High Vulnerabilities PrimaryVendor — Product Description8 Published CVSS Score Source Info SailPoint Technologies–IdentityIQ  IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2 patch levels…

Read more →

Vulnerability Summary for the Week of November 25, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Portfolio Management System MCA  A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. Affected by this vulnerability is an unknown…

Read more →

Vulnerability Summary for the Week of November 4, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Beauty Parlour Management System  A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0. This issue affects some unknown processing…

Read more →

Vulnerability Summary for the Week of October 28, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info acnoo — flutter_api  Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API allows Authentication Bypass.This issue affects Acnoo Flutter API: from n/a…

Read more →

Vulnerability Summary for the Week of October 21, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Admin–Verbalize WP  Unrestricted Upload of File with Dangerous Type vulnerability in Admin Verbalize WP Upload a Web Shell to a Web Server.This issue affects Verbalize WP: from…

Read more →

Vulnerability Summary for the Week of October 14, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Acespritech Solutions Pvt. Ltd.–Social Link Groups  Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Acespritech Solutions Pvt. Ltd. Social Link Groups…

Read more →

Vulnerability Summary for the Week of October 7, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info adobe — animate  Animate versions 23.0.7, 24.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context…

Read more →

Vulnerability Summary for the Week of September 30, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info n/a–n/a  An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web interface locally. In the worst-case scenario, if the application is…

Read more →

Vulnerability Summary for the Week of September 23, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Dover Fueling Solutions (DFS)–ProGauge MAGLINK LX CONSOLE  A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject…

Read more →

Vulnerability Summary for the Week of September 16, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info CIRCUTOR–CIRCUTOR Q-SMT  CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web…

Read more →

Vulnerability Summary for the Week of September 9, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Siemens–Industrial Edge Management Pro  A vulnerability has been identified in Industrial Edge Management Pro (All versions < V1.9.5), Industrial Edge Management Virtual (All versions < V2.3.1-1). Affected…

Read more →

Vulnerability Summary for the Week of September 2, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info abcd-community — abcd  A vulnerability classified as problematic has been found in ABCD ABCD2 up to 2.2.0-beta-1. This affects an unknown part of the file /common/show_image.php. The…

Read more →

Vulnerability Summary for the Week of August 26, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info Adobe–Acrobat Reader  Acrobat Reader versions 127.0.2651.105 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the…

Read more →

Vulnerability Summary for the Week of August 19, 2024

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Liquid Web–GiveWP  Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection.This issue affects GiveWP: from n/a through 3.14.1. 2024-08-19 10 CVE-2024-37099 audit@patchstack.com  webdevmattcrom–GiveWP Donation…

Read more →