119 matches found
CVE-2019-1989
In ih264d_fmt_conv_420sp_to_420p of ih264d_format_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...
CVE-2002-1989
Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp...
Linux Distros Unpatched Vulnerability : CVE-2023-1989
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job,...
Linux Distros Unpatched Vulnerability : CVE-2013-1989
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflows in X.org libXv 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors relat...
RHEL 8 : kernel (RHSA-2024:4740)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4740 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Use after free bug in...
SUSE SLES15 / openSUSE 15 Security Update : cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer (SUSE-SU-2024:1989-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1989-1 advisory. - Bump github.com/containers/image/v5 bsc1224119, CVE-2024-3727 - Remove SLE15 SP4 from the distro check end of general suppor...
Unbreakable Enterprise kernel security update
4.1.12-124.85.1 - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition (Zheng Wang) [Orabug: 35282809] {CVE-2023-1989}...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2024-12354)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12354 advisory. 4.1.12-124.85.1 - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition (Zheng Wang) [Orabug: 35282809] {CVE-2023-1989} Tenable has...
CVE-2024-1989
creationtimestamp | type | source
---|---|---
2024-03-06 07:26:46+00:00 | seen | https://t.me/ctinow/201063
2024-03-06 07:31:12+00:00 | seen | https://t.me/ctinow/201067...
CVE-2024-1989
The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'SassySocialShare' shortcode in all versions up to, and including, 3.3.58 due to insufficient input sanitization and output escaping on user supplied attributes such a...
CVE-2024-1989
CVE-2024-1989 affects the WordPress Social Sharing Plugin – Sassy Social Share (up to v3.3.58). Root cause: insufficient input sanitization and output escaping on shortcode attributes (e.g., url), enabling stored XSS. Impact: authenticated attackers with contributor+ can inject scripts that execu...
WordPress Sassy Social Share Plugin <= 3.3.58 is vulnerable to Cross Site Scripting (XSS)
Software: Sassy Social Share; Type: Plugin; Vulnerable versions: <= 3.3.58; Fixed in: 3.3.59; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-1989; Patch priority: Low; CVSS severity: Low (6.5); PSID: 45fbfca66ad6; Credits: Bassem Essam; Requir...
[SECURITY] [DLA 3710-1] linux security update
Debian LTS Advisory DLA-3710-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings January 10, 2024 https://wiki.debian.org/LTS Package : linux Version : 4.19.304-1 CVE ID : CVE-2021-44879 CVE-2023-0590 CVE-2023-1077 CVE-2023-1206 CVE-2023-1989 CVE-2023-3212 CVE-2023-33...
Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2023-13001)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-13001 advisory. - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition (Zheng Wang) {CVE-2023-1989} - netfilter: ipset: add the missing IPSETHASHWITHNET...
Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2023-13005)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-13005 advisory. - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition (Zheng Wang) {CVE-2023-1989} Tenable has extracted the preceding description bloc...
Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744); kernel: net/sched: multiple vulnerabilities (CVE-2023-3609, CVE-2023-3611, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12974)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12974 advisory. 5.4.17-2136.325.5 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext (Krister Johansen) [Orabug: 35905508] - char: misc: Increa...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
[SECURITY] [DSA 5492-1] linux security update
Debian Security Advisory DSA-5492-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 09, 2023 https://www.debian.org/security/faq ...