Day: July 12, 2024

Description An Improper Neutralization of Data within XPath Expressions (‘XPath Injection’) vulnerability in J-Web shipped with Juniper Networks Junos OS

Description The JSON API User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including,

Description EVerest is an EV charging software stack. An integer overflow in the “v2g_incoming_v2gtp” function in the v2g_server.cpp implementation can

Description Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover

Description Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Membership Software WishList Member X.This issue affects WishList Member

Description Vulnerability in Jaspersoft JasperReport Servers.This issue affects JasperReport Servers: from 8.0.4 through 9.0.0. References https://community.jaspersoft.com/advisories/jaspersoft-security-advisory-july-9-2024-jasperreports-server-cve-2024-3325-r4/ For More Information CVERecord

Description ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This

Description The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to authentication bypass in all

Description A vulnerability was found in Tenda AX1806 1.0.0.1. Affected by this issue is the function formSetRebootTimer of the file