Vulnerability Summary for the Week of February 12, 2024

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
wp_swings — coupon_referral_program
 
Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program. This issue affects Coupon Referral Program: from n/a through 1.7.2. 2024-02-12 10 CVE-2024-25100
audit@patchstack.com
dell — dell_smartfabric_os10
 
Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. This is a high severity vulnerability as it allows an attacker to view sensitive data. Dell recommends customers to upgrade at the earliest opportunity. 2024-02-15 9.1 This article has been indexed from Bulletins

Read the original article:

Discover more from IT Security News

Subscribe now to keep reading and get access to the full archive.

Continue reading