kernel: gpiolib: cdev: Fix use after free in lineinfo_changed_notify

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...

Malicious code in wallet-balance-notifier (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d54ad3ccf5c32e9b01fe9f246e6c8136581e1e3420923ae2713221672e7279e6 The OpenSSF Package Analysis project identified 'wallet-balance-notifier' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

WordPress Waitlist Woocommerce ( Back in stock notifier ) plugin <= 2.7.5 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Waitlist Woocommerce Back in stock notifier versions = 2.7.5...

CVE-2024-8724 Waitlist Woocommerce ( Back in stock notifier ) <= 2.7.5 - Reflected Cross-Site Scripting

The Waitlist Woocommerce Back in stock notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.7.5. This makes it possible for unauthenticated attackers to inject...

CVE-2024-8730

The Exit Notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.9.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2024-8730

The Exit Notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.10.4. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2024-8730 Exit Notifier <= 1.10.4 - Reflected Cross-Site Scripting

The Exit Notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.10.4. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2024-8730 Exit Notifier <= 1.10.4 - Reflected Cross-Site Scripting

The Exit Notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.10.4. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2024-8730

CVE-2024-8730 concerns the Exit Notifier plugin for WordPress. A Reflected Cross-Site Scripting vulnerability exists in all versions up to and including 1.9.1 due to improper escaping of URLs when using add_query_arg, enabling unauthenticated attackers to inject script into pages that run when a ...

WordPress Exit Notifier plugin <= 1.9.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Exit Notifier versions = 1.9.1...

WordPress plugin Exit Notifier 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress Exit Notifier Plugin <= 1.9.1 is vulnerable to Cross Site Scripting (XSS)

Software Exit Notifier Type Plugin Vulnerable versions = 1.9.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8730 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f179ddd5b3e3 Credits vgo0 Required privileg...

PT-2024-39209 · WordPress · Exit Notifier

Name of the Vulnerable Software and Affected Versions: Exit Notifier plugin for WordPress versions up to, and including, 1.9.1 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping on the URL. This allows unauthenticated...

SUSE CVE-2024-43833

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix NULL pointer dereference in adding ancillary links In v4l2asynccreateancillarylinks, ancillary links are created for lens and flash sub-devices. These are sub-device to sub-device links and if the async...

DEBIAN-CVE-2024-43833

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix NULL pointer dereference in adding ancillary links In v4l2asynccreateancillarylinks, ancillary links are created for lens and flash sub-devices. These are sub-device to sub-device links and if the async...

CVE-2024-43833

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix NULL pointer dereference in adding ancillary links In v4l2asynccreateancillarylinks, ancillary links are created for lens and flash sub-devices. These are sub-device to sub-device links and if the async...

AZL-48030 CVE-2024-43833 affecting package kernel for versions less than 6.6.47.1-1

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix NULL pointer dereference in adding ancillary links In v4l2asynccreateancillarylinks, ancillary links are created for lens and flash sub-devices. These are sub-device to sub-device links and if the async...

UBUNTU-CVE-2024-43833

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix NULL pointer dereference in adding ancillary links In v4l2asynccreateancillarylinks, ancillary links are created for lens and flash sub-devices. These are sub-device to sub-device links and if the async...

CVE-2024-43833 media: v4l: async: Fix NULL pointer dereference in adding ancillary links

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix NULL pointer dereference in adding ancillary links In v4l2asynccreateancillarylinks, ancillary links are created for lens and flash sub-devices. These are sub-device to sub-device links and if the async...

PT-2024-32254

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer access issue has been resolved in the Linux kernel's wifi module, specifically in mt76 and mt7921. The issue occurred when disabling wifi, and the mt7921 ipv6 addr change...