19 matches found
CVE-2024-56773
In the Linux kernel, the following vulnerability has been resolved: kunit: Fix potential null dereference in kunitdevicedrivertest kunitkzalloc may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for teststate...
CVE-2024-56692
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node blkaddr in truncatenode syzbot reports a f2fs bug as below: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2534! RIP: 0010:f2fsinvalidateblocks+0x35f/0x370...
CVE-2024-56671
In the Linux kernel, the following vulnerability has been resolved: gpio: graniterapids: Fix vGPIO driver crash Move setting irqchip.name from probe function to the initialization of "irqchip" struct in order to fix vGPIO driver crash during bootup. Crash was caused by unauthorized modification o...
CVE-2024-56589
In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Add condresched for no forced preemption model For no forced preemption model kernel, in the scenario where the expander is connected to 12 high performance SAS SSDs, the following call trace may occur: 214.409199...
CVE-2024-53160
In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in modtimer / kvfreecallrcu KCSAN reports a data race when access the krcp-monitorwork.timer.expires variable in the scheduledelayedmonitorwork function: BUG: KCSAN: data-race in modtimer / kvfreecallrcu...
CVE-2024-49962
In the Linux kernel, the following vulnerability has been resolved: ACPICA: check null return of ACPIALLOCATEZEROED in acpidbconverttopackage ACPICA commit 4d4547cf13cca820ff7e0f859ba83e1a610b9fd0 ACPIALLOCATEZEROED may fail, elements might be NULL and will cause NULL pointer dereference later...
seaskymedical.com Cross Site Scripting vulnerability OBB-3839214
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
celltreat.com Cross Site Scripting vulnerability OBB-3839131
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress WP Time Slots Booking Form Plugin <= 1.1.82 is vulnerable to Broken Access Control
Software WP Time Slots Booking Form Type Plugin Vulnerable versions = 1.1.82 Fixed in 1.1.83 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-23895 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 9da0396d6743 Credits yuyudhn Required...
WordPress FL3R FeelBox Plugin <= 8.1 is vulnerable to SQL Injection
Software FL3R FeelBox Type Plugin Vulnerable versions = 8.1 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-4445 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 949edd8b1308 Credits cydave Required privilege Unauthenticated Published 20...
WordPress WP Smart Preloader Plugin <= 1.15 is vulnerable to Cross Site Scripting (XSS)
Software WP Smart Preloader Type Plugin Vulnerable versions = 1.15 Fixed in 1.15.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23675 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 25728fd02383 Credits Rio Darmawan Require...
WordPress PixelYourSite – Your smart PIXEL (TAG) Manager Plugin <= 9.3.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software PixelYourSite – Your smart PIXEL TAG Manager Type Plugin Vulnerable versions = 9.3.0 Fixed in 9.3.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-22700 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bf76bce3f34...
sistemas.unicamp.br Cross Site Scripting vulnerability OBB-3160975
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
webmail.cachacaprazerdeminas.com.br Cross Site Scripting vulnerability OBB-2341832
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
jira.ogurki.com Cross Site Scripting vulnerability OBB-2341427
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ok-sle.com.tw Improper Access Control vulnerability OBB-2341300
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
polyphonic.be XSS vulnerability
Open Bug Bounty ID: OBB-689549 Description| Value ---|--- Affected Website:| polyphonic.be Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...
at-eat.com XSS vulnerability
Vulnerable URL: http://www.at-eat.com/phpinfo.php?GLOBALStest=%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 30572712 VIP website...
cch-mi.org Open Redirect vulnerability
Vulnerable URL: http://www.cch-mi.org/click.aspx?url=http://www.xssposed.org Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 15:22 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 7948841 Google...