Vulnerability Summary for the Week of June 24, 2024

1. A vulnerability in the access management specialist project by Shenzhen Weitillage Industrial Co., Ltd allows remote attackers to obtain sensitive information. 2. A SQL Injection vulnerability in the WP Maps Display Google Maps Perfectly with Ease plugin for WordPress can be exploited by authenticated attackers with contributor-level access and above. 3. A SQL Injection vulnerability in the Quiz Maker plugin for WordPress can be exploited by authenticated attackers with contributor-level access and above. 4. A vulnerability in the GitLab CE/EE allows an attacker to trigger a pipeline as another user under certain circumstances. 5. A vulnerability in the GitLab EE allows an attacker to leak content of a private repository in a public project. 6. A vulnerability in the Arista Wireless Access Points allows authenticated, remote attackers to cause a privilege escalation via spawning a bash shell. 7. A vulnerability in the Dell PowerProtect DD allows an attacker to gain admin user privileges. 8. A vulnerability in the authentik application allows users without the correct authorization to get OAuth tokens for an application and access it. 9. A vulnerability in the HashiCorp's go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution. 10. A vulnerability in the HPE At allows an authenticated, remote attacker to execute arbitrary code on the vulnerable application's underlying operating system with the privileges of the vulnerable application.