Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition issue between element substitution and closure in the bpf, sockmap subsystem...

DEBIAN-CVE-2024-53145

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

AZL-54960 CVE-2024-53145 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

UBUNTU-CVE-2024-53145

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

CVE-2024-53145 um: Fix potential integer overflow during physmem setup

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on UML/i386...

CVE-2024-11196 Multi-column Tag Map <= 17.0.33 - Authenticated (Contributor+) Stored Cross-Site Scripting via mctagmap Shortcode

The Multi-column Tag Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mctagmap shortcode in all versions up to, and including, 17.0.33 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11196 Multi-column Tag Map <= 17.0.33 - Authenticated (Contributor+) Stored Cross-Site Scripting via mctagmap Shortcode

The Multi-column Tag Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mctagmap shortcode in all versions up to, and including, 17.0.33 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress plugin Multi-column Tag Map 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

GHSA-49W6-73CW-CHJR Astro's server source code is exposed to the public if sourcemaps are enabled

Summary A bug in the build process allows any unauthenticated user to read parts of the server source code. Details During build, along with client assets such as css and font files, the sourcemap files for the server code are moved to a publicly-accessible folder...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr...

PT-2024-33700 · Qualcomm · Snapdragon

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue involves memory corruption that occurs while processing multiple IOCTL calls from HLOS to DSP. There is also a logic bug in the FASTRPC ATTR KEEP MAP logic, which allows for the...

CVE-2024-12523 States Map US <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The States Map US plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'statesmap' shortcode in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

PT-2024-17639 · WordPress · States Map Us

Name of the Vulnerable Software and Affected Versions: The States Map US plugin for WordPress versions up to, and including, 2.4.2 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied attributes in the states...

WordPress States Map US plugin <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin States Map US versions = 2.4.2...

OESA-2024-2536 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use two-phase skb reclamation in ieee80211dostop Since 'devqueuexmit' should be called with interrupts enabled, the following backtrace:...

secretmem: disable memfd_secret() if arch cannot set direct map

...

jfs: check if leafidx greater than num leaves per dmap tree

...

Apple iOS和iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Apple iOS and iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an...

UBUNTU-CVE-2024-47540

GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. When size allocator-memunmapfull or mem-allocator-memunmap. This vulnerability coul...