In Mautic versions 1.0.2 to 4.4.11 and 5.0.0-alpha to 5.0.3 a high severity vulnerability CVE-2022-25776 was detected. This vulnerability allows attackers to access restricted areas of the application, potentially exposing sensitive data such as names, surnames, company names, and stage names. To fix this issue, users must upgrade to version 4.4.12 or 5.0.4. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2022-25776.
Read more Marketing Automation
In Mautic versions 2.14.1 before 4.4.12, and 5.0.0 before 5.0.4 a high severity vulnerability CVE-2024-25775 was detected. This vulnerability allows attackers to redirect users to fake websites, where they could steal personal information or take over user accounts. To fix this issue, users should upgrade Mautic to versions 4.4.12, 5.0.4 or later. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-25775.
Read more Marketing Automation
In Mautic versions >= 1.0.0-beta3 a high severity vulnerability CVE-2024-25770 was detected. This vulnerability allows attackers to exploit the upgrade process, potentially leading to unauthorized changes in the system or creating security risks if the application is installed in a vulnerable way. To fix this issue, users should upgrade Mautic to versions 4.4.13, and 5.1.1. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-25770.
Read more Marketing Automation
In Mautic versions < 3.3.5, < 4.2.0 a medium severity vulnerability CVE-2024-25769 was detected. This vulnerability allows attackers to potentially execute unauthorized PHP files within the application, which could lead to a range of security issues, including data theft or system compromise. To fix this issue, users should upgrade Mautic to versions 3.3.5, and 4.2.0. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-25769.
Read more Marketing Automation
In Mautic versions >= 1.1.3 a high severity vulnerability CVE-2024-25768 was detected. This vulnerability allows attackers to potentially access sensitive information or execute unauthorized actions within the application, which could result in data breaches or system malfunctions. To fix this issue, users should upgrade Mautic to versions 4.4.13 and 5.1.1. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2024-25768.
Read more Marketing Automation
In pgAdmin versions 8.11 and earlier a critical severity vulnerability in OAuth2 authentication CVE-2024-9014 was detected. This vulnerability allows attackers to potentially obtain the client ID and secret, leading to unauthorized access to user data. Currently there is no fix version for that issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-9014.
Read more Database
In OpenShift environments using QEMU NBD Server versions a high severity vulnerability CVE-2024-7409 was detected. This vulnerability allows attackers to perform a denial of service (DoS) attack by exploiting improper synchronization during socket closure when a client keeps a socket open as the server is taken offline. Currently, there is no fix version for that issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-7409.
Read more Developer Tools
In Grafana Plugin SDK versions before 0.249.0 a critical severity vulnerability CVE-2024-8986 was detected. This vulnerability allows attackers to access credentials if included in the repository URI, which becomes embedded in the final binary. To fix this issue, users must upgrade to version 0.250.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-8986.
Read more Data Analytics
In Mautic versions 5.1.0 to 5.1.1 a medium severity vulnerability CVE-2024-47059 was detected. This vulnerability allows attackers to infer whether a username is valid based on differing error messages for incorrect usernames and weak passwords. To fix this issue, users must upgrade to version 5.1.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-47059.
Read more Marketing Automation