□ CVE-2023-50121Autel EVO NANO drone flight control firmware version 1.6.5 is vulnerable to denial of service 05:37:24 This vulnerability affects packages installed via the R CMD install cli command or the install.packages() function from the interpreter. □ CVE-2020-27637The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This makes it possible for authenticated attackers, with author-level access or above to change the plugin's settings including proxy settings, which are also exposed to 10:37:24 □ CVE-2023-6798The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check when updating settings in all versions up to, and including, 4.3.2. The Apache Axis project does not expect to create an Axis 1.x release fixing this problem, though contributors that would like to work towards this are 10:37:25 Alternatively you could use a build of Axis with the patch from applied. □ CVE-2023-51441** UNSUPPORTED WHEN ASSIGNED ** Improper Input Validation vulnerability in Apache Axis allowed users with access to the admin service to perform possible SSRFThis issue affects Apache Axis: through 1.3.As Axis 1 has been EOL we recommend you migrate to a different SOAP engine, such as Apache Axis 2/Java.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |