Day: December 6, 2021

Canon LBP223 System Manager Mode Login improper authentication

A vulnerability classified as critical has been found in Canon LBP223 (version unknown). Affected is some unknown functionality of the

Common Vulnerabilities and Exposures

WP Google Fonts Plugin up to 3.1.4 on WordPress AJAX Action googlefont_action googlefont_ajax_family cross site scripting

A vulnerability classified as problematic was found in WP Google Fonts Plugin up to 3.1.4 on WordPress (WordPress Plugin). Affected

Common Vulnerabilities and Exposures

WP Data Access Plugin up to 4.x on WordPress backup_date sql injection

A vulnerability, which was classified as critical, has been found in WP Data Access Plugin up to 4.x on WordPress

Common Vulnerabilities and Exposures

Secure Copy Content Protection and Content Locking Plugin ays_sccp_results_export_file sql injection

A vulnerability, which was classified as critical, was found in Secure Copy Content Protection and Content Locking Plugin up to

Common Vulnerabilities and Exposures

Registrations for the Events Calendar Plugin up to 2.7.5 on WordPress rtec_send_unregister_link event_id sql injection

A vulnerability has been found in Registrations for the Events Calendar Plugin up to 2.7.5 on WordPress (Calendar Software) and

Common Vulnerabilities and Exposures

Contact Form, Survey & Popup Form Plugin up to 1.4 on WordPress cross site scripting

A vulnerability was found in Contact Form, Survey & Popup Form Plugin up to 1.4 on WordPress (Survey Software) and

Common Vulnerabilities and Exposures

PDF.js Viewer Plugin up to 2.0.1 on WordPress Shortcode cross site scripting

A vulnerability was found in PDF.js Viewer Plugin up to 2.0.1 on WordPress (JavaScript Library). It has been classified as

Common Vulnerabilities and Exposures

Tawk.To Live Chat Plugin up to 0.5.x on WordPress AJAX Action tawkto_setwidget/tawkto_removewidget authorization

A vulnerability was found in Tawk.To Live Chat Plugin up to 0.5.x on WordPress (Chat Software). It has been declared

Common Vulnerabilities and Exposures

Email Log Plugin up to 2.4.7 on WordPress Log Page d cross site scripting

A vulnerability was found in Email Log Plugin up to 2.4.7 on WordPress (WordPress Plugin). It has been rated as

Common Vulnerabilities and Exposures

Online Booking and Scheduling Plugin up to 20.3.0 on WordPress Staff Full Name cross site scripting

A vulnerability classified as problematic has been found in Online Booking and Scheduling Plugin up to 20.3.0 on WordPress (WordPress

Common Vulnerabilities and Exposures

WOOCS Plugin up to 1.3.7.0 on WordPress AJAX Action woocs_update_profiles_data key cross site scripting

A vulnerability classified as problematic was found in WOOCS Plugin up to 1.3.7.0 on WordPress (WordPress Plugin). This vulnerability affects

Common Vulnerabilities and Exposures

LoginWP Plugin prior 3.0.0.5 on WordPress Admin Page rul_login_url/rul_logout_url cross site scripting

A vulnerability, which was classified as problematic, has been found in LoginWP Plugin on WordPress (WordPress Plugin). This issue affects

Common Vulnerabilities and Exposures

10Web Photo Gallery Plugin prior 1.5.68 on WordPress AJAX Action bwg_frontend_data bwg_album_breadcrumb_0/shortcode_id cross site scripting

A vulnerability, which was classified as problematic, was found in 10Web Photo Gallery Plugin on WordPress (Photo Gallery Software). Affected

Common Vulnerabilities and Exposures

WPS Hide Login Plugin up to 1.9.0 on WordPress Secret Login Page /wp-admin/options.php access control

A vulnerability has been found in WPS Hide Login Plugin up to 1.9.0 on WordPress (WordPress Plugin) and classified as

Common Vulnerabilities and Exposures

Import any XML or CSV File Plugin up to 3.6.2 on WordPress Admin Page cross site scripting

A vulnerability was found in Import any XML or CSV File Plugin up to 3.6.2 on WordPress (WordPress Plugin) and

Common Vulnerabilities and Exposures

Invenio-Drafts-Resources up to 0.13.6/0.14.5 on Invenio REST API authorization

A vulnerability was found in Invenio-Drafts-Resources up to 0.13.6/0.14.5 on Invenio. It has been classified as critical. This affects an

Common Vulnerabilities and Exposures

runc up to 1.0.2 on Linux integer overflow

A vulnerability was found in runc up to 1.0.2 on Linux. It has been declared as critical. This vulnerability affects

Common Vulnerabilities and Exposures

Distributed Data Systems WebHMI 4.0 Portal unrestricted upload

A vulnerability was found in Distributed Data Systems WebHMI 4.0. It has been rated as very critical. This issue affects

Common Vulnerabilities and Exposures

GitLab 11.6 Database information disclosure

A vulnerability classified as problematic has been found in GitLab 11.6 (Bug Tracking Software). Affected is some unknown processing of

Common Vulnerabilities and Exposures

SolarWinds Serv-U Console access control

A vulnerability classified as critical was found in SolarWinds Serv-U Console (File Transfer Software) (affected version unknown). Affected by this

Common Vulnerabilities and Exposures

Sensormatic Entrapass access control

A vulnerability, which was classified as critical, has been found in Sensormatic Entrapass (affected version not known). Affected by this

Common Vulnerabilities and Exposures

GitLab 14.1.1 LDAP improper authentication

A vulnerability, which was classified as critical, was found in GitLab 14.1.1 (Bug Tracking Software). This affects some unknown functionality

Common Vulnerabilities and Exposures

Distributed Data Systems WebHMI up to 4.0 improper authentication

A vulnerability has been found in Distributed Data Systems WebHMI up to 4.0 and classified as critical. This vulnerability affects

Common Vulnerabilities and Exposures

SolarWinds Serv-U cross-site request forgery

A vulnerability was found in SolarWinds Serv-U (File Transfer Software) (unknown version) and classified as problematic. This issue affects an