
6497 matches found

Patchstack
added 2024/10/25 12:0 a.m. · 23 views

WordPress Image Map Pro Plugin <= 6.0.20 is vulnerable to Broken Access Control

Software: Image Map Pro; Type: Plugin; Vulnerable versions: <= 6.0.20; Fixed in: 6.0.21; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-9584; Patch priority: Low; CVSS severity: Low 5.4; Developer: Claim ownership; PSID: 0749ab20b9c9; Credits: István Márton; Required privile...

CVSS 5.4 · AI score 6.5 · EPSS 0.00304
Exploits: 0 · References: 2 · Affected Software: 1
CNNVD
added 2024/10/25 12:0 a.m. · 2 views

WordPress plugin Image Map Pro security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 6.4 · AI score 5.7 · EPSS 0.00236
Exploits: 0 · References: 2
Patchstack
added 2024/10/25 12:0 a.m. · 14 views

WordPress Image Map Pro Plugin <= 6.0.20 is vulnerable to Cross Site Scripting (XSS)

Software: Image Map Pro; Type: Plugin; Vulnerable versions: <= 6.0.20; Fixed in: 6.0.21; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-9585; Patch priority: Low; CVSS severity: Low 6.5; Developer: Claim ownership; PSID: a95cd9692952; Credits: István Márton; Required...

CVSS 6.4 · AI score 5.7 · EPSS 0.00236
Exploits: 0 · References: 2 · Affected Software: 1
Positive Technologies
added 2024/10/25 12:0 a.m. · 4 views

PT-2024-39701 · WordPress · Image Map Pro

Name of the Vulnerable Software and Affected Versions: Image Map Pro plugin for WordPress versions up to, and including, 6.0.20 Description: The issue allows authenticated attackers with contributor-level privileges or above to modify data and potentially cause loss of data due to a missing...

CVSS 5.4 · AI score 6.7 · EPSS 0.00304
Exploits: 0 · References: 6
Patchstack
added 2024/10/24 10:24 a.m. · 4 views

WordPress Interactive World Map plugin <= 3.4.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by Sc1duck (Patchstack Alliance) in WordPress Plugin Interactive World Map (versions <= 3.4.4)...

CVSS 6.5 · AI score 6.1 · EPSS 0.00237
Exploits: 0 · Affected Software: 1
Patchstack
added 2024/10/24 12:0 a.m. · 15 views

WordPress Interactive World Map Plugin <= 3.4.4 is vulnerable to Cross Site Scripting (XSS)

Software: Interactive World Map; Type: Plugin; Vulnerable versions: <= 3.4.4; Fixed in: 3.4.8; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-50462; Patch priority: Low; CVSS severity: Low 6.5; Developer: Claim ownership; PSID: 8a6a52b085c5; Credits: Sc1duck; Required privilege...

CVSS 6.5 · AI score 6.5 · EPSS 0.00237
Exploits: 0 · References: 2 · Affected Software: 1
OSV
added 2024/10/21 8:15 p.m. · 6 views

AZL-50942 CVE-2024-50048 affecting package kernel for versions less than 6.6.57.1-1

In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs. syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param { uint8_t type; struct tiocl_selection ts; }; int main() { struct...

CVSS 5.5 · AI score 6.4 · EPSS 0.00248
Exploits: 0 · References: 1
OSV
added 2024/10/21 7:15 p.m. · 5 views

AZL-51342 CVE-2024-50017 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init() uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

CVSS 5.5 · AI score 6.3 · EPSS 0.0022
Exploits: 0 · References: 1
NVD
added 2024/10/21 7:15 p.m. · 11 views

CVE-2024-50017

In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init() uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

CVSS 5.5 · EPSS 0.0022
Exploits: 0 · References: 4
OSV
added 2024/10/21 7:15 p.m. · 2 views

DEBIAN-CVE-2024-50017

In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init() uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

CVSS 5.5 · AI score 5.8 · EPSS 0.0022
Exploits: 0 · References: 1
OSV
added 2024/10/21 7:15 p.m. · 1 views

UBUNTU-CVE-2024-50017

In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init() uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

CVSS 5.5 · AI score 6.2 · EPSS 0.0022
Exploits: 0 · References: 21
OSV
added 2024/10/21 6:15 p.m. · 7 views

AZL-52922 CVE-2024-49902 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: jfs: check if leafidx greater than num leaves per dmap tree. syzbot report a out of bounds in dbSplit, it because dmt_leafidx greater than num leaves per dmap tree, add a checking for dmt_leafidx in dbFindLeaf. Shaggy: Modified sani...

CVSS 5.5 · AI score 6.7 · EPSS 0.00277
Exploits: 0 · References: 1
SUSE CVE
added 2024/10/21 3:47 p.m. · 1 views

SUSE CVE-2024-47710

In the Linux kernel, the following vulnerability has been resolved: sockmap: Add a cond_resched() in sock_hash_free(). Several syzbot soft lockup reports all have in common sock_hash_free(). If a map with a large number of buckets is destroyed, we need to yield the cpu when needed...

CVSS 2.5 · AI score 6.4 · EPSS 0.00231
Exploits: 0 · References: 19
SUSE CVE
added 2024/10/21 3:45 p.m. · 7 views

SUSE CVE-2024-49858

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVSS 6.1 · AI score 6.7 · EPSS 0.00213
Exploits: 0 · References: 20
RedhatCVE
added 2024/10/21 2:42 p.m. · 10 views

CVE-2024-49858

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVSS 4.4 · AI score 7.3 · EPSS 0.00213
Exploits: 0 · References: 4
OSV
added 2024/10/21 1:15 p.m. · 1 views

DEBIAN-CVE-2024-49858

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVSS 5.5 · AI score 5.8 · EPSS 0.00213
Exploits: 0 · References: 1
NVD
added 2024/10/21 1:15 p.m. · 7 views

CVE-2024-49858

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVSS 5.5 · EPSS 0.00213
Exploits: 0 · References: 9
OSV
added 2024/10/21 1:15 p.m. · 15 views

AZL-50773 CVE-2024-49858 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVSS 5.5 · AI score 6.7 · EPSS 0.00213
Exploits: 0 · References: 1
OSV
added 2024/10/21 1:15 p.m. · 12 views

AZL-50957 CVE-2024-49858 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVSS 5.5 · AI score 6.7 · EPSS 0.00213
Exploits: 0 · References: 1
OSV
added 2024/10/21 1:15 p.m. · 1 views

DEBIAN-CVE-2024-49861

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map like in case of .rodata, it was still possible to write into it from a BPF program side through specific helpers having...

CVSS 7.1 · AI score 5.8 · EPSS 0.00222
Exploits: 0 · References: 1