Aggregator

Submit #394560 / VDB-276070

Submit #394556 / VDB-276069

微软旗下的职业社交网络 LinkedIn 将其服务器、虚拟机和容器使用的 Linux 发行版从终止支持的 CentOS 7 迁移到微软自己的发行版 Azure Linux。Red Hat 早先时候做出了一个受争议的决策：CentOS 从 Red Hat Enterprise Linux（RHEL）的社区发行版变成了一个滚动更新发行版 CentOS Stream；CentOS 7 到 2024 年终止支持，而下一个版本的 CentOS 8 原计划支持到 2029 年改成了 2021 年底终止支持。LinkedIn 认为，随着转向 CentOS Stream，用户对项目的方向和更新时间表感到不确定，而不确定性引发了对 CentOS 作为操作系统的可靠性和支持的担忧。

Обфускация кода затрудняет анализ и противодействие коварной угрозе.

酱酱们中午好～今天的 AGI 掘金热点资讯来啦，我们知识库上线了 AI 小助手，欢迎来撩！

豆包MarsCode 始终致力于用 AI 激发创造，帮助开发者“ Mar 力”全开，一起在豆包MarsCode 中寻找散落的“ Mar 力”。

A vulnerability, which was classified as problematic, has been found in Vikinghammer Tweet Plugin up to 0.2.4 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-8043. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in Review Ratings Plugin up to 1.6 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2024-8052. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Visual Sound Plugin up to 1.06 on WordPress. Affected is an unknown function of the component Setting Handler. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-8047. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Premium SEO Pack Plugin up to 1.6.001 on WordPress. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-3679. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Premium Portfolio Features for Phlox Theme up to 2.3.3 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-1384. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Beaver Builder Plugin and Beaver Builder Lite Plugin up to 2.8.3.5 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation of the argument type leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-7895. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in infolinks Ad Wrap Plugin up to 1.0.2 on WordPress and classified as problematic. Affected by this issue is some unknown functionality of the component Setting Handler. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-8044. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Enhanced Search Box Plugin up to 0.6.1 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2024-8091. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Popup Builder Plugin up to 4.3.3 on WordPress. Affected is an unknown function of the component Subscriber CSV File Handler. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-2541. The attack can only be done within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in GiveWP Plugin up to 3.15.1 on WordPress. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-6551. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in Dell PowerEdge Platform up to 2.22.0. This vulnerability affects unknown code of the component 14G Intel BIOS. The manipulation leads to improper input validation. This vulnerability was named CVE-2024-38303. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Ollama up to 0.1.46. This affects the function extractFromZipFile of the file model.go. The manipulation leads to an unknown weakness. This vulnerability is uniquely identified as CVE-2024-45436. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Rakuten Ichiba App on iOS/Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Custom URL Scheme Handler. The manipulation leads to open redirect. This vulnerability is handled as CVE-2024-41918. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Chartist up to 1.3.0. It has been declared as problematic. Affected by this vulnerability is the function extend. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). This vulnerability is known as CVE-2024-45435. The attack needs to be done within the local network. There is no exploit available.