In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger value gets used...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger value gets used...
0.0004EPSS
TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp option
Impact A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content extraction code. When using the noneditable_regexp option, specially crafted HTML attributes containing malicious code were able to be executed when content was extracted from the editor. Patches This...
6.1CVSS
6.7AI Score
0.0004EPSS
TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp option
Impact A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content extraction code. When using the noneditable_regexp option, specially crafted HTML attributes containing malicious code were able to be executed when content was extracted from the editor. Patches This...
6.1CVSS
6.5AI Score
0.0004EPSS
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements
Impact A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. Patches This vulnerability has been patched in TinyMCE 7.2.0,.....
6.1CVSS
6.8AI Score
0.0004EPSS
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements
Impact A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. Patches This vulnerability has been patched in TinyMCE 7.2.0,.....
6.1CVSS
6.5AI Score
0.0004EPSS
Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a before...
7.1CVSS
6.9AI Score
0.0004EPSS
Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a before...
7.1CVSS
0.0004EPSS
CVE-2021-47595 net/sched: sch_ets: don't remove idle classes from the round-robin list
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't remove idle classes from the round-robin list Shuang reported that the following script: 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 2)...
6.8AI Score
0.0004EPSS
CVE-2021-47595 net/sched: sch_ets: don't remove idle classes from the round-robin list
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't remove idle classes from the round-robin list Shuang reported that the following script: 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 2)...
0.0004EPSS
CVE-2021-47592 net: stmmac: fix tc flower deletion for VLAN priority Rx steering
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Priority based frame steering:- $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add dev...
6.5AI Score
0.0004EPSS
CVE-2021-47592 net: stmmac: fix tc flower deletion for VLAN priority Rx steering
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Priority based frame steering:- $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add dev...
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemePunch OHG Slider Revolution allows Stored XSS.This issue affects Slider Revolution: from n/a before...
5.9CVSS
7AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemePunch OHG Slider Revolution allows Stored XSS.This issue affects Slider Revolution: from n/a before...
5.9CVSS
0.0004EPSS
CVE-2021-47580 scsi: scsi_debug: Fix type in min_t to avoid stack OOB
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger value gets used...
0.0004EPSS
CVE-2021-47580 scsi: scsi_debug: Fix type in min_t to avoid stack OOB
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger value gets used...
6.8AI Score
0.0004EPSS
CVE-2023-39312 WordPress Avada theme <= 7.11.1 - Auth. Unrestricted Zip Extraction vulnerability
Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through...
9.1CVSS
6.9AI Score
0.0004EPSS
CVE-2023-39312 WordPress Avada theme <= 7.11.1 - Auth. Unrestricted Zip Extraction vulnerability
Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through...
9.1CVSS
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU#3 stuck for 26s!...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU#3 stuck for 26s!...
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU#3 stuck for 26s!...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized (mempool available:36041).....
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized (mempool available:36041).....
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized (mempool...
7AI Score
0.0004EPSS
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery...
4.9CVSS
0.0004EPSS
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery...
4.9CVSS
5.1AI Score
0.0004EPSS
Missing Authorization vulnerability in Brainstorm Force Convert Pro.This issue affects Convert Pro: from n/a through...
7.1CVSS
6.9AI Score
0.0004EPSS
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro.This issue affects Schema Pro: from n/a through...
6.5CVSS
6.5AI Score
0.0004EPSS
Missing Authorization vulnerability in Brainstorm Force Convert Pro.This issue affects Convert Pro: from n/a through...
7.1CVSS
0.0004EPSS
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro.This issue affects Schema Pro: from n/a through...
6.5CVSS
0.0004EPSS
CVE-2023-36683 WordPress Schema Pro plugin <= 2.7.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro.This issue affects Schema Pro: from n/a through...
6.5CVSS
7AI Score
0.0004EPSS
CVE-2023-36683 WordPress Schema Pro plugin <= 2.7.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro.This issue affects Schema Pro: from n/a through...
6.5CVSS
0.0004EPSS
CVE-2023-36684 WordPress Convert Pro plugin <= 1.7.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Brainstorm Force Convert Pro.This issue affects Convert Pro: from n/a through...
7.1CVSS
7AI Score
0.0004EPSS
CVE-2023-36684 WordPress Convert Pro plugin <= 1.7.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Brainstorm Force Convert Pro.This issue affects Convert Pro: from n/a through...
7.1CVSS
0.0004EPSS
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery...
4.9CVSS
6.7AI Score
0.0004EPSS
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery...
4.9CVSS
0.0004EPSS
CVE-2024-38598 md: fix resync softlockup when bitmap size is less than array size
In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU#3 stuck for 26s!...
0.0004EPSS
CVE-2024-38539 RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized (mempool available:36041).....
0.0004EPSS
Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through...
4.3CVSS
0.0004EPSS
Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through...
4.3CVSS
4.7AI Score
0.0004EPSS
Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through...
7.5CVSS
7.6AI Score
0.0004EPSS
Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through...
7.5CVSS
0.0004EPSS
Missing Authorization vulnerability in Woo AutomateWoo.This issue affects AutomateWoo: from n/a through...
6.5CVSS
0.0004EPSS
Missing Authorization vulnerability in Woo AutomateWoo.This issue affects AutomateWoo: from n/a through...
6.5CVSS
6.5AI Score
0.0004EPSS
CVE-2023-36512 WordPress AutomateWoo plugin <= 5.7.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Woo AutomateWoo.This issue affects AutomateWoo: from n/a through...
6.5CVSS
0.0004EPSS
CVE-2023-36512 WordPress AutomateWoo plugin <= 5.7.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Woo AutomateWoo.This issue affects AutomateWoo: from n/a through...
6.5CVSS
7AI Score
0.0004EPSS
Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through...
7.5CVSS
0.0004EPSS
CVE-2023-39922 WordPress Avada theme <= 7.11.1 - Authenticated Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through...
4.3CVSS
0.0004EPSS
Missing Authorization vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through...
8.8CVSS
8.7AI Score
0.0004EPSS
Missing Authorization vulnerability in QuadLayers WooCommerce Checkout Manager.This issue affects WooCommerce Checkout Manager: from n/a through...
6.5CVSS
6.5AI Score
0.0004EPSS