Posted by CISA on Mar 21 Cybersecurity and Infrastructure Security Agency (CISA) – Defend Today, Secure Tomorrow You are subscribed to Cybersecurity Advisories for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available. CISA and NSA Release Enduring Security Framework Guidance on Identity and Access Management [… Go to…

CVE ID : CVE-2025-0171 Published : Jan. 2, 2025, 3:15 p.m. | 54 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Chat System 1.0. Affected is an unknown function of the file /admin/deleteuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the…

CVE ID : CVE-2024-56137 Published : Jan. 2, 2025, 3:15 p.m. | 54 minutes ago Description : MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the module of…

CVE ID : CVE-2024-55538 Published : Jan. 2, 2025, 3:15 p.m. | 54 minutes ago Description : Sensitive information disclosure due to missing authentication. The following products are affected: Acronis True Image (macOS) before build 41725, Acronis True Image (Windows) before build 41736. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS…

CVE ID : CVE-2024-49385 Published : Jan. 2, 2025, 3:15 p.m. | 54 minutes ago Description : Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 41736. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more……

CVE ID : CVE-2023-48758 Published : Jan. 2, 2025, 3:15 p.m. | 55 minutes ago Description : Missing Authorization vulnerability in Crocoblock JetEngine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through 3.2.4. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and…

CVE ID : CVE-2023-48739 Published : Jan. 2, 2025, 3:15 p.m. | 55 minutes ago Description : Missing Authorization vulnerability in Porto Theme Porto Theme – Functionality allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Porto Theme – Functionality: from n/a before 2.12.1. Severity: 5.3 | MEDIUM Visit the link for more details, such…

CVE ID : CVE-2023-47807 Published : Jan. 2, 2025, 3:15 p.m. | 55 minutes ago Description : Missing Authorization vulnerability in 10Web 10WebAnalytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10WebAnalytics: from n/a through 1.2.12. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and…

CVE ID : CVE-2023-47778 Published : Jan. 2, 2025, 3:15 p.m. | 55 minutes ago Description : Missing Authorization vulnerability in LuckyWP LuckyWP Scripts Control allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LuckyWP Scripts Control: from n/a through 1.2.1. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details,…

CVE ID : CVE-2023-45633 Published : Jan. 2, 2025, 3:15 p.m. | 55 minutes ago Description : Missing Authorization vulnerability in IDX IMPress Listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IMPress Listings: from n/a through 2.6.2. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products,…