ByteOS Network

awesome

Source -

NVD

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2023-27478

Assigner-GitHub, Inc.

View Details

Assigner-GitHub, Inc.

CVSS Score-6.5||MEDIUM

EPSS-0.17% / 38.87%

7 Day CHG~0.00%

Published-07 Mar, 2023 | 17:55

Updated-25 Feb, 2025 | 15:00

Disclosure of unrelated data in libmemcached-awesome

libmemcached-awesome is an open source C/C++ client library and tools for the memcached server. `libmemcached` could return data for a previously requested key, if that previous request timed out due to a low `POLL_TIMEOUT`. This issue has been addressed in version 1.1.4. Users are advised to upgrade. There are several ways to workaround or lower the probability of this bug affecting a given deployment. 1: use a reasonably high `POLL_TIMEOUT` setting, like the default. 2: use separate libmemcached connections for unrelated data. 3: do not re-use libmemcached connections in an unknown state.

Vendor-awesome awesomized

Product-libmemcached libmemcached

CWE ID-CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CVE-2022-36791

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-5.4||MEDIUM

EPSS-0.17% / 39.21%

7 Day CHG~0.00%

Published-23 Sep, 2022 | 14:22

Updated-20 Feb, 2025 | 20:03

WordPress Torro Forms plugin <= 1.0.16 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Awesome UG Torro Forms plugin <= 1.0.16 at WordPress.

Vendor-awesome Awesome UG

Product-torro_forms Torro Forms (WordPress plugin)

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')