Common Vulnerabilities and Exposures

Stored cross-site scripting in comment functionality in Amasty Blog Pro for Magento 2

Cross-site scripting in IBM InfoSphere Information Server allows script injection via crafted input

Server-side remote code execution in Foreman allows authenticated attackers to execute arbitrary commands on the server

Open redirect in OurUmbraco allows attackers to redirect users to malicious external websites

Authenticated stored XSS in Autoptimize WordPress plugin allows administrators to inject persistent scripts

Race condition leading to remote code execution in Autoptimize WordPress plugin allows arbitrary file writes

Arbitrary file upload in Autoptimize WordPress plugin allows uploading and executing malicious PHP files

Security vulnerability in Dell EMC NetWorker allows privilege escalation or unauthorized access

Security vulnerability in Dell EMC NetWorker allows privilege escalation or unauthorized access (second issue)

Windows Print Spooler elevation of privilege (PrintNightmare) - allows remote code execution and local privilege escalation

XML External Entity (XXE) injection in JOC Cockpit/Jobscheduler allows reading server files and SSRF

Denial of service in JOC Cockpit/Jobscheduler allows attackers to crash the job scheduling service

Multiple stored cross-site scripting vulnerabilities in JOC Cockpit/Jobscheduler allow persistent script injection

Iniekcja SQL w F5 BIG-IP AFM (Advanced Firewall Manager) umożliwia ataki na bazę danych urządzenia bezpieczeństwa

TMOS Shell privilege escalation in F5 BIG-IP allows users to gain elevated privileges