WooCommerce – Store Exporter < 2.4 – CSV Injection
More info:
https://wpvulndb.com/vulnerabilities/10015
Introducing CRLite: All of the Web PKI’s revocations, compressed
CRLite is a technology proposed by a group of researchers at the IEEE Symposium on Security and Privacy 2017 that compresses revocation information so effectively that 300 megabytes of revocation data can become 1 megabyte. It accomplishes this by combining … Continue readingThe post Introducing CRLite: All of the Web PKI’s revocations, compressed appeared first on Mozilla Security Blog.
More info:
https://blog.mozilla.org/security/2020/01/09/crlite-part-1-all-web-pki-revocations-compressed/
The End-to-End Design of CRLite
CRLite is a technology to efficiently compress revocation information for the whole Web PKI into a format easily delivered to Web users. It addresses the performance and privacy pitfalls of the Online Certificate Status Protocol (OCSP) while avoiding a need … Continue readingThe post The End-to-End Design of CRLite appeared first on Mozilla Security Blog.
More info:
https://blog.mozilla.org/security/2020/01/09/crlite-part-2-end-to-end-design/
Juniper Junos CVE-2020-1600 Denial of Service Vulnerability
Type: Vulnerability. Juniper Junos is prone to a denial-of-service vulnerability; fixes are available.
More info:
http://www.symantec.com/security_response/vulnerability.jsp?bid=111447&om_rssid=sr-advisories
PHP vulnerability CVE-2019-11046
PHP vulnerability CVE-2019-11046 Security Advisory Security Advisory Description In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, ...
More info:
https://support.f5.com/csp/article/K48866433?utm_source=f5support&utm_medium=RSS
Cisco Finesse CVE-2019-15278 Cross Site Scripting Vulnerability
Type: Vulnerability. Cisco Finesse is prone to a cross-site scripting vulnerability; fixes are available.
More info:
http://www.symantec.com/security_response/vulnerability.jsp?bid=111445&om_rssid=sr-advisories
Mozilla Firefox and Firefox ESR CVE-2019-17026 Type Confusion Remote Code Execution Vulnerability
Type: Vulnerability. Mozilla Firefox and Firefox ESR are prone to a remote code-execution vulnerability; fixes are available.
More info:
http://www.symantec.com/security_response/vulnerability.jsp?bid=111446&om_rssid=sr-advisories
Minimal Coming Soon & Maintenance Mode < 2.15 – Insecure Permissions: Enable and Disable Maintenance Mode
https://wpvulndb.com/vulnerabilities/10008
More info:
https://wpvulndb.com/vulnerabilities/10008
Minimal Coming Soon & Maintenance Mode < 2.15 – CSRF to Stored XSS and Setting Changes
https://wpvulndb.com/vulnerabilities/10007
More info:
https://wpvulndb.com/vulnerabilities/10007
Minimal Coming Soon & Maintenance Mode < 2.17 – Insecure permissions: Export Settings/Theme Change
https://wpvulndb.com/vulnerabilities/10009
More info:
https://wpvulndb.com/vulnerabilities/10009