Apple iOS和iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Apple iOS and iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an...

UBUNTU-CVE-2024-47540

GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. When size allocator-memunmapfull or mem-allocator-memunmap. This vulnerability coul...

CVE-2024-10496

An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q...

CVE-2024-10494 Out of bounds read in HeapObjMapImpl.cpp in NI LabVIEW

An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q3 and pri...

NI LabVIEW 安全漏洞

NI LabVIEW National Instruments LabVIEW is a graphical program compilation platform from National Instruments NI. A security vulnerability exists in NI LabVIEW that originates from improper validation of inputs to BuildFontMap in fontmgr.cpp, resulting in out-of-bounds reads that could disclose...

The vulnerability of the sock_map component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the sockmap component in the Linux operating system’s kernel is related to the assignment of the NULL pointer in the function sockmapclose. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-11866

The BMLT Tabbed Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bmlttabbedmap' shortcode in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11866 BMLT Tabbed Map <= 1.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

The BMLT Tabbed Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bmlttabbedmap' shortcode in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress plugin BMLT Tabbed Map 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-17303 · WordPress · Bmlt Tabbed Map

Name of the Vulnerable Software and Affected Versions: BMLT Tabbed Map plugin for WordPress versions 1.1.8 and earlier Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'bmlt tabbed map' shortcode due to insufficient input sanitization and output escaping on...

WordPress BMLT Tabbed Map plugin <= 1.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin BMLT Tabbed Map versions = 1.1.8...

CVE-2024-53715

Cross-Site Request Forgery CSRF vulnerability in Thomas Hoefter Simple Travel Map simple-travel-map allows Stored XSS.This issue affects Simple Travel Map: from n/a through = 0.1...

CVE-2024-53715 WordPress Simple Travel Map plugin <= 0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Thomas Hoefter Simple Travel Map simple-travel-map allows Stored XSS.This issue affects Simple Travel Map: from n/a through = 0.1...

CVE-2024-53715 WordPress Simple Travel Map plugin <= 0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Thomas Hoefter Simple Travel Map simple-travel-map allows Stored XSS.This issue affects Simple Travel Map: from n/a through = 0.1...

CVE-2024-53715

CVE-2024-53715 is a CSRF to Stored XSS vulnerability in the WordPress plugin Simple Travel Map (versions

CVE-2024-53769 WordPress Custom Post Type to Map Store plugin <= 1.1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in lriaudel Custom Post Type to Map Store cpt-to-map-store allows Stored XSS.This issue affects Custom Post Type to Map Store: from n/a through = 1.1.0...

CVE-2024-53769 WordPress Custom Post Type to Map Store plugin <= 1.1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in lriaudel Custom Post Type to Map Store cpt-to-map-store allows Stored XSS.This issue affects Custom Post Type to Map Store: from n/a through = 1.1.0...

CVE-2024-53769

CVE-2024-53769 is a CSRF-to-Stored XSS vulnerability affecting the WordPress plugin “Custom Post Type to Map Store” up to version 1.1.0. The issue is triggered by cross-site requests that lead to stored XSS and is documented with CVSS v3.1 base score 7.1 (HIGH). The available sources describe the...

PT-2024-35822 · Unknown · Simple Travel Map

Name of the Vulnerable Software and Affected Versions: Simple Travel Map versions n/a through 0.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...

WordPress plugin Custom Post Type to Map Store 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...