A vulnerability was found in Concrete CMS up to 8.5.5 (Content Management System). It has been rated as problematic. This issue affects some unknown functionality of the component Conversation Handler. Upgrading to version 8.5.6 eliminates this vulnerability. The upgrade is hosted for download at documentation.concretecms.org.
Concrete CMS up to 8.5.5 Conversation cross-site request forgery
- Virtual Patching
- September 24, 2021
- 7:04 am
CVE-2023-4291 : Frauscher Sensortechnik FDS101 For FAdC 1.4.24 Code Injection
Description Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a remote code execution (RCE)
CVE-2023-2163 : Linux Kernel 5.4 BPF kernel/bpf/verifier.c backtrack_insn calculation
Description Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe,
CVE-2023-42454 : SQLpage Up To 0.11.0 Database Connection String sqlpage/sqlpage.json Information Disclosure
Description SQLpage is a SQL-only webapp builder. Someone using SQLpage versions prior to 0.11.1, whose SQLpage instance is exposed publicly,