Vulnerabilities

The WPBookit plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 1.6.4. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts.

An Out-of-bounds Read vulnerability in Juniper Networks Junos OS and Junos OS Evolved&amp;#39;s routing protocol daemon (rpd) allows an unauthenticated, network-based attacker to send malformed BGP packets to a device configured with packet receive trace options enabled to crash rpd.<br /> This issue affects:<br /> <br /> Junos OS: <br /> <br /> <br /> <br /> * from 21.2R3-S8 before 21.2R3-S9, <br /> * from 21.4R3-S7 before 21.4R3-S9, <br /> * from 22.2R3-S4 before 22.2R3-S5, <br /> * from 22.3R3-S2 before 22.3R3-S4, <br /> * from 22.4R3 before 22.4R3-S5, <br /> * from 23.2R2 before 23.2R2-S2, <br /> * from 23.4R1 before 23.4R2-S1, <br /> * from 24.2R1 before 24.2R1-S1, 24.2R2.<br /> <br /> <br /> Junos OS Evolved:<br /> * from 21.4R3-S7-EVO before 21.4R3-S9-EVO, <br /> * from 22.2R3-S4-EVO before 22.2R3-S5-EVO, <br /> * from 22.3R3-S2-EVO before 22.3R3-S4-EVO, <br /> * from 22.4R3-EVO before 22.4R3-S5-EVO, <br /> * from 23.2R2-EVO before 23.2R2-S2-EVO, <br /> * from 23.4R1-EVO before 23.4R2-S1-EVO, <br /> * from 24.2R1-EVO before 24.2R1-S2-EVO, 24.2R2-EVO.<br /> <br /> <br /> This issue requires a BGP session to be established.<br /> <br /> This issue can propagate and multiply through multiple ASes until reaching vulnerable devices.<br /> <br /> This issue affects iBGP and eBGP.<br /> <br /> This issue affects IPv4 and IPv6.<br /> <br /> An indicator of compromise may be the presence of malformed update messages in a neighboring AS which is unaffected by this issue:<br /> <br /> For example, by issuing the command on the neighboring device:<br />  show log messages<br /> <br /> Reviewing for similar messages from devices within proximity to each other may indicate this malformed packet is propagating:<br />   rpd[]: Received malformed update from (External AS )<br /> and<br />   rpd[]: Malformed Attribute

Strawberry GraphQL is a library for creating GraphQL APIs. Starting in 0.182.0 and prior to version 0.257.0, a type confusion vulnerability exists in Strawberry GraphQL&amp;#39;s relay integration that affects multiple ORM integrations (Django, SQLAlchemy, Pydantic). The vulnerability occurs when multiple GraphQL types are mapped to the same underlying model while using the relay node interface. When querying for a specific type using the global node field (e.g., FruitType:some-id), the resolver may incorrectly return an instance of a different type mapped to the same model (e.g., SpecialFruitType). This can lead to information disclosure if the alternate type exposes sensitive fields and potential privilege escalation if the alternate type contains data intended for restricted access. This vulnerability is fixed in 0.257.0.

Incorrect Privilege Assignment vulnerability in Drupal Registration role allows Privilege Escalation.This issue affects Registration role: from 0.0.0 before 2.0.1.

Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows Forceful Browsing.This issue affects Advanced PWA inc Push Notifications: from 0.0.0 before 1.5.0.

Improper Neutralization of Input During Web Page Generation (&amp;#39;Cross-site Scripting&amp;#39;) vulnerability in Drupal TacJS allows Cross-Site Scripting (XSS).This issue affects TacJS: from 0.0.0 before 6.5.0.

Insertion of Sensitive Information Into Sent Data vulnerability in Drupal REST Views allows Forceful Browsing.This issue affects REST Views: from 0.0.0 before 3.0.1.

Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web Services allows Forceful Browsing.This issue affects RESTful Web Services: from 7.X-2.0 before 7.X-2.10.

Insufficient Granularity of Access Control vulnerability in Drupal Email Contact allows Forceful Browsing.This issue affects Email Contact: from 0.0.0 before 2.0.4.

Incorrect Authorization vulnerability in Drupal Commerce View Receipt allows Forceful Browsing.This issue affects Commerce View Receipt: from 0.0.0 before 1.0.3.

Incorrect Authorization vulnerability in Drupal Drupal REST &amp; JSON API Authentication allows Forceful Browsing.This issue affects Drupal REST &amp; JSON API Authentication: from 0.0.0 before 2.0.13.

Insertion of Sensitive Information Into Sent Data vulnerability in Drupal Image Sizes allows Forceful Browsing.This issue affects Image Sizes: from 0.0.0 before 3.0.2.