RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:FC Red Bull Salzburg App
Vendor URL: https://play.google.com/store/apps/details?id=laola.redbull
Type: Improper Authorization in Handler for Custom URL Scheme
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:SecurePoint UTM
Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn
Type: Use of Uninitialized Variable [CWE-457]
Date found: 2023-01-05
Date
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:SecurePoint UTM
Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn
Type: Exposure of Sensitive Information to an Unauthorized Actor
[CWE-200]
Date
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Quiz And Survey Master
Vendor URL: https://wordpress.org/plugins/quiz-master-next/
Type: Missing Authentication for Critical Function [CWE-306]
Date found:
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Quiz And Survey Master
Vendor URL: https://wordpress.org/plugins/quiz-master-next/
Type: Cross-Site Request Forgery (CSRF) [CWE-352]
Date found: 2023-01-13
Date
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Intel Data Center Manager
Vendor URL:
https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html
Type: Incorrect Use of
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Intel Data Center Manager
Vendor URL:
https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html
Type: SQL Injection [CWE-89]
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Intel Data Center Manager
Vendor URL:
https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html
Type: Authentication Bypass by
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Betheme
Vendor URL: https://muffingroup.com/betheme/
Type: Deserialization of Untrusted Data [CWE-502]
Date found: 2022-11-02
Date published: 2022-11-18
CVSSv3
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:BeCustom Wordpress Plugin
Vendor URL: https://muffingroup.com/betheme/features/be-custom/
Type: Cross-Site Request Forgery [CWE-253]
Date found: 2021-10-28
Date
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Transposh WordPress Translation
Vendor URL:
https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/
Type: Incorrect Authorization [CWE-863]
Date
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Transposh WordPress Translation
Vendor URL:
https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/
Type: Reliance on File Name or Extension of
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Transposh WordPress Translation
Vendor URL:
https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/
Type: Improper Authorization [CWE-285]
Date
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Transposh WordPress Translation
Vendor URL:
https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/
Type: Improper Authorization [CWE-285]
Date
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Transposh WordPress Translation
Vendor URL:
https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/
Type: Exposure of Sensitive Information to an
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Transposh WordPress Translation
Vendor URL:
https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/
Type: Incorrect Authorization [CWE-863]
Date
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Transposh WordPress Translation
Vendor URL:
https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/
Type: Cross-Site Request Forgery [CWE-253]
Date
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Transposh WordPress Translation
Vendor URL:
https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/
Type: Cross-Site Scripting [CWE-79]
Date found:
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Transposh WordPress Translation
Vendor URL:
https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/
Type: Cross-Site Scripting [CWE-79]
Date found:
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Reolink E1 Zoom Camera
Vendor URL: https://reolink.com/product/e1-zoom/
Type: Exposure of Sensitive Information to an Unauthorized Actor
[CWE-200]
Date found:
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Reolink E1 Zoom Camera
Vendor URL: https://reolink.com/product/e1-zoom/
Type: Exposure of Sensitive Information to an Unauthorized Actor
[CWE-200]
Date found:
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:User Meta
Vendor URL: https://wordpress.org/plugins/user-meta
Type: Relative Path Traversal [CWE-23]
Date found: 2022-02-28
Date published: 2022-05-24
CVSSv3 Score:
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:SAP Knowledge Warehouse
Vendor URL:
https://help.sap.com/viewer/816f1f952d244bbf9dd5063e2a0e66b0/7.5.21/en-US/4dc9605e4a9d6522e1000a15822b.html
Type: Cross-Site
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:God Kings
Vendor URL:
https://play.google.com/store/apps/details?id=com.innogames.gkandroid
Type: Improper Verification of Intent by Broadcast Receiver [CWE-925]
Date
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Framer Preview
Vendor URL:
https://play.google.com/store/apps/details?id=com.framerjs.android
Type: Improper Export of Android Application Components [CWE-926]
Date
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:Acronis Cyber Backup
Vendor URL: https://www.acronis.com
Type: Server-Side Request Forgery [CWE-918]
Date found: 2020-07-30
Date published: 2020-09-14
CVSSv3 Score:
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
===
Product:MJML
Vendor URL: https://github.com/mjmlio/mjml/
Type: Path Traversal [CWE-22]
Date found: 2020-04-28
Date published: 2020-06-14
CVSSv3 Score: 7.2
27 matches
Mail list logo