A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks.
Published at: June 15, 2020 at 11:15AM
View on website
Mes: junio 2020
New vulnerability on the NVD: CVE-2018-16848
A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service.
Published at: June 15, 2020 at 11:15AM
View on website
New vulnerability on the NVD: CVE-2019-19109
The wpForo plugin 1.6.5 for WordPress allows wp-admin/admin.php?page=wpforo-usergroups CSRF.
Published at: June 15, 2020 at 10:15AM
View on website
New vulnerability on the NVD: CVE-2019-19110
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases s parameter.
Published at: June 15, 2020 at 10:15AM
View on website
New vulnerability on the NVD: CVE-2019-19111
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases langid parameter.
Published at: June 15, 2020 at 10:15AM
View on website
Educ Arte Económico 