CVE-2024-56575 media: imx-jpeg: Ensure power suppliers be suspended before detach them

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Ensure power suppliers be suspended before detach them The power suppliers are always requested to suspend asynchronously, devpmdomaindetach requires the caller to ensure proper synchronization of this function...

JetBrains TeamCity Code Issue Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A code issue vulnerability exists in JetBrains...

Delta Electronics DTM Code Issue Vulnerability

Delta Electronics DTM is a series of temperature controllers from Delta Electronics China. A code issue vulnerability exists in Delta Electronics DTM, which can be exploited by an attacker to execute arbitrary code...

Adobe Acrobat Reader 代码问题漏洞

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDFs. A code issue vulnerability exists in Adobe Acrobat Reader that stems from a null pointer dereference...

InvoicePlane 代码问题漏洞

InvoicePlane is an application from InvoicePlane Open Source. Provides a self-hosted open source application for managing your quotes, invoices, customers and payments. A code issue vulnerability exists in InvoicePlane 1.6.1 and prior versions, which stems from the parameter file in file...

CVE-2023-38477 WordPress QR code MeCard/vCard generator plugin <= 1.6.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Stanislav Kuznetsov QR code MeCard/vCard generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QR code MeCard/vCard generator: from n/a through 1.6.0...

CVE-2024-11809 Primer MyData for Woocommerce <= 4.2.1 - Reflected Cross-Site Scripting

The Primer MyData for Woocommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'imgsrc' parameter in all versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2024-12271

The 360 Javascript Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ref’ parameter in all versions up to, and including, 1.7.29 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

Huawei HarmonyOS 代码问题漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a code issue vulnerability that stems from a null pointer dereference, which can be exploited by an attacker to affect...

Adobe Acrobat Reader 代码问题漏洞

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Adobe Acrobat Reader has a security vulnerability that can be exploited by an attacker to cause a denial of service...

CVE-2023-49194 WordPress Importify (Dropshipping WooCommerce) plugin <= 1.0.4 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Debugging Code vulnerability in importify Importify Dropshipping WooCommerce importify allows Retrieve Embedded Sensitive Data.This issue affects Importify Dropshipping WooCommerce: from n/a through = 1.0.4...

CVE-2024-8300

Dead Code vulnerability in Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric Iconics Digital Solutions GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97...

CVE-2024-8300 Malicious Code Execution Vulnerability in GENESIS64 and ICONICS Suite

Dead Code vulnerability in Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric Iconics Digital Solutions GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97...

CVE-2024-8300 Malicious Code Execution Vulnerability in GENESIS64 and ICONICS Suite

Dead Code vulnerability in Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric Iconics Digital Solutions GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97...

CVE-2024-8300

CVE-2024-8300 describes a dead-code vulnerability in Mitsubishi Electric GENESIS64 and ICONICS Suite components (versions 10.97.2–10.97.3) that enables a local authenticated attacker to execute malicious code by tampering with a crafted DLL. The impact includes potential disclosure, modification,...

IBM Db2和IBM Watson Query 代码问题漏洞

IBM Db2 and IBM Watson Query are both products of the International Business Machines IBM Corporation.IBM Db2 is a relational database management system. The system executes on UNIX, Linux, IBMi, z/OS, and Windows server versions.IBM Watson Query is a general purpose query engine. Distributed and...

GNU Wget Code Problem Vulnerability

GNU Wget is a set of free software from the American GNU community for downloading over the Internet, which supports downloading over the three most common TCP/IP protocols: HTTP, HTTPS, and FTP. A code issue vulnerability exists in GNU Wget that stems from an application using Wget to access...

WordPress plugin Picsmize 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which is caused by an SQL injection in the parameter subjectcode...

CVE-2024-40660

In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display attributes due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...