Vulnerability Summary for the Week of May 6, 2024

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
academy_lms — academy_lms	Missing Authorization vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 1.9.16.	2024-05-06	7.1	CVE-2024-33912 audit@patchstack.com
brevo_for_woocommerce — sendinblue_for_woocommerce	Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Brevo for WooCommerce Sendinblue for WooCommerce.This issue affects Sendinblue for WooCommerce: from n/a through 4.0.17.	2024-05-06	8.5	CVE-2024-32807 audit@patchstack.com
brocade — brocade_sannav	The Postgre […] Content was cut in order to protect the source.Please visit the source for the rest of the article. This article has been indexed from Bulletins Read the original article: Vulnerability Summary for the Week of May 6, 2024 Related Tags: Bulletins EN Post navigation ← Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management I/O 2024: What’s new in Android security and privacy → Search for: IT Security News (EN) Top Vulnerability Management Tools: Reviews & Comparisons 2024 November 8, 2024 AppOmni partners with Cisco to extend zero trust to SaaS November 8, 2024 Interlock targets healthcare, Canada dissolves TikTok, HP critical flaws November 8, 2024 New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus November 8, 2024 Canada Orders TikTok To Close Operations: Cyber Security Today for Friday, November 8th, 2024 November 8, 2024 Digital Arrest: How Even The Educated Become Victims November 8, 2024 CISA Warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks November 8, 2024 Apple’s 45-day certificate proposal: A call to action November 8, 2024 New Malware “ToxicPanda” Targets Android Devices to Steal Banking Information November 8, 2024 Credential Abuse Market Flourishes Despite Setbacks November 8, 2024 Large-Scale Phishing Campaign Exposed Using New Version of Rhadamanthys Malware November 8, 2024 Am I Isolated: Open-source container security benchmark November 8, 2024 CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability November 8, 2024 A closer look at the 2023-2030 Australian Cyber Security Strategy November 8, 2024 Why AI-enhanced threats and legal uncertainty are top of mind for risk executives November 8, 2024 New infosec products of the week: November 8, 2024 November 8, 2024 Driving social impact at work: A rewarding collaboration with WWF-Australia November 8, 2024 Winos4.0 abuses gaming apps to infect, control Windows machines November 8, 2024 DEF CON 32 – QuickShell Sharing Is Caring About RCE Attack Chain On QuickShare – Or Yair, Shmuel Cohen November 8, 2024 Highlights from the InCyber Montreal Forum November 8, 2024 IT Sicherheitsnews (DE) Fiese Malware: Dieser Code hat es auf Gamer abgesehen – so könnt ihr euch schützen November 8, 2024 Neue Welten: Wenn KI ganze Open-World-Spiele erzeugt November 8, 2024 Künstlerische Intelligenz: Robotergeneriertes Bild erreicht Rekordpreis bei Sothebys-Versteigerung November 8, 2024 Google-KI statt Telefonat: So sollen Pixel-Smartphones künftig Anrufe für euch beantworten November 8, 2024 Whatsapp: Mit diesem Trick kannst du die Größe der Emojis bestimmen November 8, 2024 Synology DiskStation Manager: Mehrere Schwachstellen November 8, 2024 [NEU] [hoch] Synology DiskStation Manager: Mehrere Schwachstellen November 8, 2024 [NEU] [mittel] Microsoft GitHub Enterprise: Schwachstelle ermöglicht Privilegieneskalation November 8, 2024 [NEU] [niedrig] IBM DataPower Gateway: Schwachstelle ermöglicht Denial of Service November 8, 2024 [NEU] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff November 8, 2024 Daily Summary Enter your email address: GDPR compliance Categories Categories Meta Log in Entries feed Comments feed WordPress.org Copyright © 2024 IT Security News International (DE, EN). All Rights Reserved. The Magazine Basic Theme by bavotasan.com.

Primary
Vendor — Product

Description

Published

CVSS Score

Source & Patch Info

academy_lms — academy_lms

Missing Authorization vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 1.9.16.

2024-05-06

7.1

CVE-2024-33912
audit@patchstack.com

brevo_for_woocommerce — sendinblue_for_woocommerce

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Brevo for WooCommerce Sendinblue for WooCommerce.This issue affects Sendinblue for WooCommerce: from n/a through 4.0.17.

2024-05-06

8.5

CVE-2024-32807
audit@patchstack.com

brocade — brocade_sannav

The Postgre

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from Bulletins