» CVE

CVE-2023-46776

Posted on 2023년 11월 6일2023년 11월 6일 by admin

CVE-2023-46776

Cross-Site Request Forgery (CSRF) vulnerability in Serena Villa Auto Excerpt everywhere plugin <=Â 1.5 versions.

Source: CVE-2023-46776

CVE-2023-46777

Posted on 2023년 11월 6일2023년 11월 6일 by admin

CVE-2023-46777

Cross-Site Request Forgery (CSRF) vulnerability in Custom Login Page | Temporary Users | Rebrand Login | Login Captcha plugin <=Â 1.1.3 versions.

Source: CVE-2023-46777

CVE-2023-47186

Posted on 2023년 11월 6일2023년 11월 6일 by admin

CVE-2023-47186

Cross-Site Request Forgery (CSRF) vulnerability in Kadence WP Kadence WooCommerce Email Designer plugin <=Â 1.5.11 versions.

Source: CVE-2023-47186

CVE-2023-5823

Posted on 2023년 11월 6일2023년 11월 6일 by admin

CVE-2023-5823

Cross-Site Request Forgery (CSRF) vulnerability in ThemeKraft TK Google Fonts GDPR Compliant plugin <=Â 2.2.11 versions.

Source: CVE-2023-5823

CVE-2023-46781

Posted on 2023년 11월 6일2023년 11월 6일 by admin

CVE-2023-46781

Cross-Site Request Forgery (CSRF) vulnerability in Roland Murg Current Menu Item for Custom Post Types plugin <=Â 1.5 versions.

Source: CVE-2023-46781

CVE-2023-46778

Posted on 2023년 11월 6일2023년 11월 6일 by admin

CVE-2023-46778

Cross-Site Request Forgery (CSRF) vulnerability in TheFreeWindows Auto Limit Posts Reloaded plugin <=Â 2.5 versions.

Source: CVE-2023-46778

CVE-2023-46775

Posted on 2023년 11월 6일2023년 11월 6일 by admin

CVE-2023-46775

Cross-Site Request Forgery (CSRF) vulnerability in Djo Original texts Yandex WebMaster plugin <=Â 1.18 versions.

Source: CVE-2023-46775

CVE-2023-5825

Posted on 2023년 11월 6일2023년 11월 6일 by admin

CVE-2023-5825

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A low-privileged attacker can point a CI/CD Component to an incorrect path and cause the server to exhaust all available memory through an infinite loop and cause Denial of Service.

Source: CVE-2023-5825

CVE-2023-4996

Posted on 2023년 11월 6일2023년 11월 6일 by admin

CVE-2023-4996

Netskope was made aware of a security vulnerability in its NSClient product for version 100 & prior where a malicious non-admin user can disable the Netskope client by using a specially-crafted package. The root cause of the problem was a user control code when called by a Windows ServiceController did not validate the permissions associated with the user before executing the user control code. This user control code had permissions to terminate the NSClient service.Â

Source: CVE-2023-4996

CVE-2023-5090

Posted on 2023년 11월 6일2023년 11월 6일 by admin

CVE-2023-5090

A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition.

Source: CVE-2023-5090