6501 matches found
CVE-2024-39500
In the Linux kernel, the following vulnerability has been resolved: sockmap: avoid race between sock_map_close and sk_psock_put. sk_psock_get will return NULL if the refcount of psock has gone to 0, which will happen when the last call of sk_psock_put is done. However, sk_psock_drop may not have finished ye...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the kernelmappages function of the riscv architecture sleeping in an invalid environment...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between sock_map_close and sk_psock_put in the sockmap component...
CVE-2024-3604
The OSM – OpenStreetMap plugin for WordPress is vulnerable to SQL Injection via the 'tagged_filter' attribute of the 'osm_map_v3' shortcode in all versions up to, and including, 6.0.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2024-3603
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'osm_map' shortcode in all versions up to, and including, 6.0.2 due to insufficient input sanitization and output escaping on user supplied attributes such as 'theme'. This makes it possible...
PT-2024-26854 · WordPress · Osm – Openstreetmap
Name of the Vulnerable Software and Affected Versions: OSM – OpenStreetMap plugin for WordPress versions up to, and including, 6.0.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'osm_map' shortcode due to insufficient input sanitization and output escaping on...
PT-2024-29225
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the bpf_timer_cancel_and_free function in the Linux kernel, where two timer callbacks trying to cancel each other can lead to a deadlock situation. This can be...
PT-2024-26140 · Unknown · Pvr Bridge Kernel Module
Name of the Vulnerable Software and Affected Versions: PVR bridge kernel module affected versions not specified Description: The issue is related to a logic error in the PVRSRV_MMap function of pvr_bridge_k.c, which could lead to arbitrary code execution. This might result in local escalation of...
PT-2024-26858 · WordPress · Osm – Openstreetmap Plugin
Name of the Vulnerable Software and Affected Versions: OSM – OpenStreetMap plugin for WordPress versions up to, and including, 6.0.2 Description: The issue is related to SQL Injection via the tagged_filter attribute of the osm_map_v3 shortcode due to insufficient escaping on the user-supplied...
PT-2024-35760 · WordPress · La-Studio Element Kit For Elementor
Name of the Vulnerable Software and Affected Versions: LA-Studio Element Kit for Elementor plugin for WordPress versions up to, and including, 1.3.8.1 Description: The issue allows authenticated attackers with Contributor-level access and above to include and execute arbitrary files on the server...
WordPress WP Google Map Plugin Plugin <= 4.6.1 is vulnerable to SQL Injection
Software: WP Google Map Plugin. Type: Plugin. Vulnerable versions: <= 4.6.1. Fixed in: 4.6.2. OWASP Top 10: A1: Injection. Classification: SQL Injection. CVE: CVE-2024-2386. Patch priority: Low. CVSS severity: Low 8.5. PSID: 6fa4ba8a185e. Credits: Krzysztof Zając. Required privilege: Contributo...
bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
...
CVE-2024-39840
Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake objects...
PT-2024-28696 · Factorio · Factorio
Name of the Vulnerable Software and Affected Versions: Factorio versions prior to 1.1.101 Description: The issue allows a crafted server to execute arbitrary code on clients via a custom map. This is achieved by leveraging the ability of certain Lua base module functions to execute bytecode and...
CVE-2024-39840
Factorio before 1.1.101 is affected. A crafted server map can trigger arbitrary code execution on clients by abusing certain Lua base module functions to execute bytecode and create fake objects. Affected component: Factorio server/client interaction via custom maps; root cause: Lua base module f...
OESA-2024-1755 aspell security update
GNU Aspell is a spell checker intended to replace Ispell. It can be used as a library and spell checker. Its main feature is that it provides much better suggestions than other inspectors, including Ispell and Microsoft Word. It also has many other technical enhancements to Ispell, such as the us...
CVE-2024-35545
MAP-OS v4.45.0 and earlier was discovered to contain a cross-site scripting (XSS) vulnerability...