Vulnerability Summary for the Week of June 10, 2024

2024-06-17 17:06

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
actpro — extra_product_options_for_woocommerce	Missing Authorization vulnerability in actpro Extra Product Options for WooCommerce.This issue affects Extra Product Options for WooCommerce: from n/a through 3.0.6.	2024-06-10	8.8	CVE-2024-35727 audit@patchstack.com
adfinis–document-merge-service	Document Merge Service is a document template merge service providing an API to manage templates and merge them with given data. Versions 6.5.1 and prior are vulnerable to remote code execution via server-side template injection which, when executed as root, can result in full takeover of the affected system. As of time of publication, no patched version exists, nor have any known workarounds been disclosed.	2024-06-11	9.9	CVE-2024-37301 This article has been indexed from Bulletins Read the original article: Vulnerability Summary for the Week of June 10, 2024 Related Tags: Bulletins EN Post navigation ← US Surgeon General Wants Social Media Warning Labels Open Source Licensing 101: Everything You Need to Know → Search for: IT Security News (EN) Join the Movement for Public Broadband in PDX October 4, 2024 Contact center fraud: How to detect and prevent it October 4, 2024 Crypto Wallet App on Google Play Steals $70,000 from Mobile Users October 4, 2024 DoJ, Microsoft Seize 100 Russian Phishing Sites Targeting US October 4, 2024 Summer 2024 SOC 1 report now available in Japanese, Korean, and Spanish October 4, 2024 Over 5,000 Fake Microsoft Notifications Fueling Email Compromise Campaigns October 4, 2024 Mark Zuckerberg Overtakes Bezos To Become Second-Richest Man October 4, 2024 Cybersecurity professionals are turning to AI as more lose control of detection tools October 4, 2024 How to conduct firewall testing and analyze test results October 4, 2024 8 Tips to protect your devices from malware attacks October 4, 2024 Biggest Ever DDoS is Threat to OT Critical Infrastructure October 4, 2024 Fileless malware eating computing power of Linux Servers October 4, 2024 Enhanced API Security: Fine-Grained Access Control Using OPA and Kong Gateway October 4, 2024 GPT-4o: OpenAI’s shield against $40B deepfake threat to enterprises October 4, 2024 New CUPS Vulnerability Can Amplify DDoS Attacks: Patch Now! October 4, 2024 Fake Trading Apps for Android, iOS Lead to Pig Butchering Scam October 4, 2024 Windows 11’s Recall feature is Now Ready For Release, Microsoft Claims October 4, 2024 Necro Trojan Uses Steganography to Attack 11 Million Devices October 4, 2024 Palo Alto Networks: 5x Leader in the Gartner Magic Quadrant for SD-WAN October 4, 2024 How Cloud-Based Solutions Are Transforming Software Quality Assurance October 4, 2024 IT Sicherheitsnews (DE) 5G-Ausbau: Zwei Bundesländer hinken besonders hinterher October 4, 2024 IT Sicherheitsnews taegliche Zusammenfassung 2024-10-04 October 4, 2024 Warum Sam Altman oder Ursula von der Leyen Handschuhe mit sechs Fingern zugeschickt wurden October 4, 2024 Entwickler kehrt der Cloud den Rücken – und spart richtig Geld dabei October 4, 2024 KI-Agent macht sich zum Systemadministrator und sabotiert Boot-Einstellungen October 4, 2024 Whatsapp-Status: Jetzt neu mit Likes und privaten Erwähnungen October 4, 2024 Windows 11 und Copilot: Diese neuen Features erwarten uns October 4, 2024 EuGH-Urteil: Polizeilicher Zugriff auf Handydaten unter Auflagen erlaubt October 4, 2024 En Ovend met Leena Simon un padeluun in Kölle October 4, 2024 Exploits beobachtet: CISA warnt Nutzer von Ivanti- und Zimbra-Software October 4, 2024 Daily Summary Enter your email address: GDPR compliance Categories Categories Meta Log in Entries feed Comments feed WordPress.org Copyright © 2024 IT Security News International (DE, EN). All Rights Reserved. The Magazine Basic Theme by bavotasan.com.