CVE-2024-56299 WordPress Notify Odoo plugin <= 1.0.0 - CSRF to Stored XSS vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pektsekye Notify Odoo (notify-odoo) allows Stored XSS. This issue affects Notify Odoo: from n/a through <= 1.0.0...
CVE-2024-56299
CVE-2024-56299 is a Cross-Site Scripting flaw in the Notify Odoo WordPress plugin (Pektsekye Notify Odoo) allowing Stored XSS via unsanitized input during web page generation. Affected range: Notify Odoo up to version 1.0.0. Public disclosures in connected sources confirm a CSRF-to-SXSS chain and...
WordPress plugin Notify Odoo cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A cross-site scripting...
WordPress Notify Odoo plugin <= 1.0.0 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Notify Odoo versions <= 1.0.0...
libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart
A NULL pointer dereference vulnerability was found in the Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the...
A vulnerability in the mac80211 component of the Linux operating system allows an attacker to cause a denial of service.
The vulnerability in the mac80211 component of the Linux kernel is related to the use of an uninitialized resource in the function ieee80211_sta_tx_wmm_ac_notify. Exploiting this vulnerability can allow an attacker to cause a denial of service...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (CVE-2024-26820). In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: Add protection for bmp length out of...
Malicious code in action-mattermost-notify (npm)
Source: ghsa-malware (ff777c42ea9a589391478ecfd89da15137033e8ce5e0961b26f277f6e055c70e). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11836 Malicious code in action-mattermost-notify (npm)
Source: ghsa-malware (ff777c42ea9a589391478ecfd89da15137033e8ce5e0961b26f277f6e055c70e). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-41690
Missing Authorization vulnerability in Wiser Notify WiserNotify Social Proof allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WiserNotify Social Proof: from n/a through 2.5...
PT-2025-3620
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.74. Description: The issue arises from ksmbd attempting to set atime and mtime via notify change without also setting ctime, resulting in a warning. This warning is triggered by the setattr copy function. The...
A vulnerability in the arp_sys_asp function of D-Link DI-8003 router firmware allows an attacker to trigger a buffer overflow.
The vulnerability in the arp_sys_asp function of D-Link DI-800 router firmware is related to operations performed outside the bounds of a buffer during processing of the notify parameter. Exploiting this vulnerability allows a remote attacker to trigger a buffer overflow...
UBUNTU-CVE-2024-53090
In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion. afs_wake_up_async_call() can incur lock recursion. The problem is that it is called from AF_RXRPC whilst holding the ->notify_lock, but it tries to take a ref on the afs_call struct in order to pass it to a work que...
CVE-2024-53090 afs: Fix lock recursion
In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion. afs_wake_up_async_call() can incur lock recursion. The problem is that it is called from AF_RXRPC whilst holding the ->notify_lock, but it tries to take a ref on the afs_call struct in order to pass it to a work que...
CVE-2024-52757
D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the notify parameter in the arp_sys_asp function...
PT-2024-8597 · D Link · D-Link Di-8003
Name of the Vulnerable Software and Affected Versions: D-LINK DI-8003 version 16.07.16A1. Description: The issue is related to a buffer overflow in the arp_sys_asp function when processing the notify parameter. This can be exploited by a remote attacker to cause a buffer overflow. Recommendations:...