CVE

GitLab denial of service | CVE-2024-1066

February 9, 2024

NAME__________GitLab denial of servicePlatforms Affected:GitLab GitLab 16.8.1 Community Edition GitLab GitLab 16.8.1 Enterprise Edition GitLab GitLab 16.7.4 Enterprise Edition GitLab...

IBM Engineering Lifecycle Optimization HTTP header injection | CVE-2023-45190

February 9, 2024

NAME__________IBM Engineering Lifecycle Optimization HTTP header injectionPlatforms Affected:IBM Engineering Lifecycle Optimization Publishing 7.0.2 IBM Engineering Lifecycle Optimization Publishing 7.0.3Risk Level:5.1Exploitability:UnprovenConsequences:Gain...

GitLab denial of service | CVE-2024-6386

February 9, 2024

NAME__________GitLab denial of servicePlatforms Affected:GitLab GitLab 16.8.1 Community Edition GitLab GitLab 16.8.1 Enterprise Edition GitLab GitLab 16.7.4 Enterprise Edition GitLab...

GitLab privilege escalation | CVE-2024-1250

February 9, 2024

NAME__________GitLab privilege escalationPlatforms Affected:GitLab GitLab 16.8.1 Community Edition GitLab GitLab 16.8.1 Enterprise Edition GitLab GitLab 16.7.4 Enterprise Edition GitLab GitLab...

IBM Engineering Lifecycle Optimization – Publishing session fixation | CVE-2023-45187

February 9, 2024

NAME__________IBM Engineering Lifecycle Optimization - Publishing session fixationPlatforms Affected:IBM Engineering Lifecycle Optimization Publishing 7.0.2 IBM Engineering Lifecycle Optimization Publishing 7.0.3Risk...

GitLab security bypass | CVE-2024-6840

February 9, 2024

NAME__________GitLab security bypassPlatforms Affected:GitLab GitLab 16.8.1 Community Edition GitLab GitLab 16.8.1 Enterprise Edition GitLab GitLab 16.7.4 Enterprise Edition GitLab GitLab...

Apache bRPC HTTP request smuggling | CVE-2024-23452

February 9, 2024

NAME__________Apache bRPC HTTP request smugglingPlatforms Affected:Apache bRPC 1.0.0 Apache bRPC 1.1.0 Apache bRPC 1.2.0 Apache bRPC 1.3.0 Apache bRPC 1.4.0...

IBM Sterling B2B Integrator denial of service | CVE-2023-32341

February 9, 2024

NAME__________IBM Sterling B2B Integrator denial of servicePlatforms Affected:IBM Sterling B2B Integrator 6.0.0.0 IBM Sterling B2B Integrator 6.1.0.0 IBM Sterling B2B...

Qolsys IQ Panel 4 and Qolsys IQ4 Hub information disclosure | CVE-2024-0242

February 9, 2024

NAME__________Qolsys IQ Panel 4 and Qolsys IQ4 Hub information disclosurePlatforms Affected:Qolsys IQ Panel 4 4.4.1 Qolsys IQ4 Hub 4.4.1Risk Level:7.3Exploitability:UnprovenConsequences:Obtain...

Dell EMC AppSync information disclosure | CVE-2024-22464

February 9, 2024

NAME__________Dell EMC AppSync information disclosurePlatforms Affected:Dell EMC AppSync 4.2.0.0 Dell EMC AppSync 4.6.0.1Risk Level:6.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell EMC AppSync could allow...

PT Sign Ups plugin for WordPress cross-site scripting | CVE-2024-24848

February 8, 2024

NAME__________PT Sign Ups plugin for WordPress cross-site scriptingPlatforms Affected:MJS Software PT Sign Ups plugin for WordPress 1.0.4Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PT...

Add Customer for WooCommerce plugin for WordPress cross-site scripting | CVE-2024-24841

February 8, 2024

NAME__________Add Customer for WooCommerce plugin for WordPress cross-site scriptingPlatforms Affected:Dan's Art Add Customer for WooCommerce plugin for WordPress 1.7Risk Level:6.1Exploitability:HighConsequences:Cross-Site...

Five Star Restaurant Reviews plugin for WordPress cross-site scripting | CVE-2024-24838

February 8, 2024

NAME__________Five Star Restaurant Reviews plugin for WordPress cross-site scriptingPlatforms Affected:Five Star Plugins Five Star Restaurant Reviews plugin for WordPress 2.3.5Risk...

Structured Content plugin for WordPress cross-site scripting | CVE-2024-24839

February 8, 2024

NAME__________Structured Content plugin for WordPress cross-site scriptingPlatforms Affected:Gordon Böhme Structured Content plugin for WordPress 1.6.1Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Structured Content plugin...

CalculatorPro Calculators plugin for WordPress cross-site scripting | CVE-2024-24847

February 8, 2024

NAME__________CalculatorPro Calculators plugin for WordPress cross-site scriptingPlatforms Affected:jgadbois CalculatorPro Calculators plugin for WordPress 1.1.7Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________CalculatorPro Calculators plugin for...

Mighty Addons for Elementor plugin for WordPress cross-site scripting | CVE-2024-24846

February 8, 2024

NAME__________Mighty Addons for Elementor plugin for WordPress cross-site scriptingPlatforms Affected:MightyThemes Mighty Addons for Elementor plugin for WordPress 1.9.3Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting...

QNAP QTS, QuTS hero and QuTScloud buffer overflow | CVE-2023-45037

February 8, 2024

NAME__________QNAP QTS, QuTS hero and QuTScloud buffer overflowPlatforms Affected:QNAP QTS 5.1 QNAP QuTS hero h5.1 QNAP QuTScloud c5.1Risk Level:3.8Exploitability:UnprovenConsequences:Gain Access...

Advanced iFrame plugin for WordPress cross-site scripting | CVE-2024-24870

February 8, 2024

NAME__________Advanced iFrame plugin for WordPress cross-site scriptingPlatforms Affected:Michael Dempfle Advanced iFrame plugin for WordPress 2023.10Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Advanced iFrame plugin...

Scroll Triggered Box plugin for WordPress cross-site scripting | CVE-2024-24865

February 8, 2024

NAME__________Scroll Triggered Box plugin for WordPress cross-site scriptingPlatforms Affected:Noah Kagan Scroll Triggered Box plugin for WordPress 2.3Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Scroll...

QNAP QTS, QuTS hero and QuTScloud buffer overflow | CVE-2023-41292

February 8, 2024

NAME__________QNAP QTS, QuTS hero and QuTScloud buffer overflowPlatforms Affected:QNAP QTS 5.1 QNAP QuTS hero h5.1 QNAP QuTScloud c5.1Risk Level:3.8Exploitability:UnprovenConsequences:Gain Access...

QNAP QTS, QuTS hero and QuTScloud command execution | CVE-2023-41282

February 8, 2024

NAME__________QNAP QTS, QuTS hero and QuTScloud command executionPlatforms Affected:Risk Level:5.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________QNAP QTS, QuTS hero and QuTScloud could allow a...

QNAP QTS, QuTS hero and QuTScloud command execution | CVE-2023-41281

February 8, 2024

Biteship plugin for WordPress cross-site scripting | CVE-2024-24866

February 8, 2024

NAME__________Biteship plugin for WordPress cross-site scriptingPlatforms Affected:Biteship Biteship plugin for WordPress 2.2.24Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Biteship plugin for WordPress is vulnerable...

QNAP QTS, QuTS hero and QuTScloud directory traversal | CVE-2023-45026

February 8, 2024

NAME__________QNAP QTS, QuTS hero and QuTScloud directory traversalPlatforms Affected:QNAP QTS 5.1 QNAP QuTS hero h5.1 QNAP QuTScloud c5.1Risk Level:6.8Exploitability:UnprovenConsequences:Obtain Information...

CVE

GitLab denial of service | CVE-2024-1066

IBM Engineering Lifecycle Optimization HTTP header injection | CVE-2023-45190

GitLab denial of service | CVE-2024-6386

GitLab privilege escalation | CVE-2024-1250

IBM Engineering Lifecycle Optimization – Publishing session fixation | CVE-2023-45187

GitLab security bypass | CVE-2024-6840

Apache bRPC HTTP request smuggling | CVE-2024-23452

IBM Sterling B2B Integrator denial of service | CVE-2023-32341

Qolsys IQ Panel 4 and Qolsys IQ4 Hub information disclosure | CVE-2024-0242

Dell EMC AppSync information disclosure | CVE-2024-22464

PT Sign Ups plugin for WordPress cross-site scripting | CVE-2024-24848

Add Customer for WooCommerce plugin for WordPress cross-site scripting | CVE-2024-24841

Five Star Restaurant Reviews plugin for WordPress cross-site scripting | CVE-2024-24838

Structured Content plugin for WordPress cross-site scripting | CVE-2024-24839

CalculatorPro Calculators plugin for WordPress cross-site scripting | CVE-2024-24847

Mighty Addons for Elementor plugin for WordPress cross-site scripting | CVE-2024-24846

QNAP QTS, QuTS hero and QuTScloud buffer overflow | CVE-2023-45037

Advanced iFrame plugin for WordPress cross-site scripting | CVE-2024-24870

Scroll Triggered Box plugin for WordPress cross-site scripting | CVE-2024-24865

QNAP QTS, QuTS hero and QuTScloud buffer overflow | CVE-2023-41292

QNAP QTS, QuTS hero and QuTScloud command execution | CVE-2023-41282

QNAP QTS, QuTS hero and QuTScloud command execution | CVE-2023-41281

Biteship plugin for WordPress cross-site scripting | CVE-2024-24866

QNAP QTS, QuTS hero and QuTScloud directory traversal | CVE-2023-45026

CISA: CISA Releases Nine Industrial Control Systems Advisories

CISA: CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Partners with ASD’s ACSC, CCCS, NCSC-UK, and Other International and US Organizations to Release Guidance on Edge Devices

CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog

You may have missed