Vulnerability Summary for the Week of May 6, 2024

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
academy_lms — academy_lms	Missing Authorization vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 1.9.16.	2024-05-06	7.1	CVE-2024-33912 audit@patchstack.com
brevo_for_woocommerce — sendinblue_for_woocommerce	Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Brevo for WooCommerce Sendinblue for WooCommerce.This issue affects Sendinblue for WooCommerce: from n/a through 4.0.17.	2024-05-06	8.5	CVE-2024-32807 audit@patchstack.com
brocade — brocade_sannav	The Postgre […] Content was cut in order to protect the source.Please visit the source for the rest of the article. This article has been indexed from Bulletins Read the original article: Vulnerability Summary for the Week of May 6, 2024 Related Tags: Bulletins EN Post navigation ← Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management Getting started with Red Hat Insights and FedRAMP → Search for: IT Security News (EN) LinkedIn suspends some AI training operations October 18, 2024 Hacker Arrested for Invading Computers & Selling Police Data October 18, 2024 ConfusedPilot Exposes Vulnerability in AI Systems Used by Major Enterprises October 18, 2024 Globe Life extortion, hacker USDoD arrested, Anonymous Sudan indicted October 18, 2024 Beware of Starbucks Phishing Scam and China using Quantum tech to break encryption October 18, 2024 Cisco ATA 190 Telephone Adapter Vulnerabilities Let Attackers Execute Remote Code October 18, 2024 Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser October 18, 2024 Building Digital Resilience: Insider Insights for a Safer Cyber Landscape October 18, 2024 Intel robustly refutes China’s accusations it bakes in NSA backdoors October 18, 2024 Despite massive security spending, 44% of CISOs fail to detect breaches October 18, 2024 Biz hired, and fired, a fake North Korean IT worker – then the ransom demands began October 18, 2024 What to do if your iPhone or Android smartphone gets stolen? October 18, 2024 Cybercrime’s constant rise is becoming everyone’s problem October 18, 2024 DDoS Attacks and the Upcoming US Presidential Election October 18, 2024 New infosec products of the week: October 18, 2024 October 18, 2024 Addressing Critical Gaps in Threat Intelligence Sharing October 18, 2024 As Attackers Embrace AI, Every Organization Should Do These 5 Things October 18, 2024 Singapore releases guidelines for securing AI systems and prohibiting deepfakes in elections October 18, 2024 ISC Stormcast For Friday, October 18th, 2024 https://isc.sans.edu/podcastdetail/9186, (Fri, Oct 18th) October 18, 2024 Uncle Sam puts $10M bounty on Russian troll farm Rybar October 18, 2024 IT Sicherheitsnews (DE) IT Sicherheitsnews taegliche Zusammenfassung 2024-10-17 October 17, 2024 KI und das Bias-Problem: ChatGPT behandelt uns alle gleich – sagt OpenAI October 17, 2024 KI bewertet KI: Wie schneiden OpenAI und Co. beim AI Act ab? October 17, 2024 Schlimmer als VDS und Chatkontrolle zusammen October 17, 2024 Messenger-App: Signal erweitert Videokonferenzen um neue Funktion October 17, 2024 Übernahme: Danfoss Fire Safety wird „ A Siemens Business“ October 17, 2024 Statt Vorratsdatenspeicherung: Quick-Freeze-Verfahren auf den Weg gebracht October 17, 2024 Brillen.de: Rund 3,5 Millionen Kundendatensätze offen im Netz October 17, 2024 Will Müllkippe umgraben: Mann verklagt Stadtverwaltung wegen 8.000 verlorener BTC October 17, 2024 Oracle schützt Softwareprodukte mit 334 Sicherheitsupdates October 17, 2024 Daily Summary Enter your email address: GDPR compliance Categories Categories Meta Log in Entries feed Comments feed WordPress.org Copyright © 2024 IT Security News International (DE, EN). All Rights Reserved. The Magazine Basic Theme by bavotasan.com.

Primary
Vendor — Product

Description

Published

CVSS Score

Source & Patch Info

academy_lms — academy_lms

Missing Authorization vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 1.9.16.

2024-05-06

7.1

CVE-2024-33912
audit@patchstack.com

brevo_for_woocommerce — sendinblue_for_woocommerce

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Brevo for WooCommerce Sendinblue for WooCommerce.This issue affects Sendinblue for WooCommerce: from n/a through 4.0.17.

2024-05-06

8.5

CVE-2024-32807
audit@patchstack.com

brocade — brocade_sannav

The Postgre

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from Bulletins