22 matches found
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the atomicization of the PHY FSM conversion in the DRM and display mechanisms. This vulnerability...
EUVD-2024-31677
Malicious code in bioql PyPI...
drm/amd/display: Fix disable_otg_wa logic
...
CVE-2024-3071
The ACF On-The-Go plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the acfg_update_fields function in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to...
usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock
...
UBUNTU-CVE-2024-42085
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock When config CONFIG_USB_DWC3_DUAL_ROLE is selected, and trigger system to enter suspend status with below command: echo mem > /sys/power/state There...
CVE-2024-3071
CVE-2024-3071 affects the ACF On-The-Go plugin for WordPress. The issue is a missing capability check in acfg_update_fields(), making authenticated users with subscriber level access and above able to modify arbitrary post titles, descriptions, and ACF values in all versions up to 1.0.1. Publicly...
CVE-2024-3071 ACF On-The-Go <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Content Update
The ACF On-The-Go plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the acfg_update_fields function in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to...
WordPress ACF On-The-Go plugin <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Content Update vulnerability
Missing Authorization to Authenticated (Subscriber+) Arbitrary Content Update vulnerability discovered by Francesco Carlucci in WordPress Plugin ACF On-The-Go versions <= 1.0.1...
PT-2024-23586 · WordPress · Acf On-The-Go
Name of the Vulnerable Software and Affected Versions: ACF On-The-Go plugin for WordPress versions up to, and including, 1.0.1 Description: The issue is related to a missing capability check on the acfg_update_fields function, allowing authenticated attackers with subscriber-level access and abov...
WordPress ACF On-The-Go Plugin <= 1.0.1 is vulnerable to Broken Access Control
Software: ACF On-The-Go · Type: Plugin · Vulnerable versions: <= 1.0.1 · Fixed in: N/A · OWASP Top 10: A5: Broken Access Control · Classification: Broken Access Control · CVE: CVE-2024-3071 · Patch priority: Low · CVSS severity: Low (4.3) · PSID: 6d532a3fc713 · Credits: Francesco Carlucci · Required...
ACF On-The-Go <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Content Update
Description: The ACF On-The-Go plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the acfg_update_fields function in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with subscriber-level access an...
CVE-2023-48698
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host...
CISO Kit — Breach Protection in the Palm of Your Hand
CISOs and CIOs need to know better than anyone the security pulse of their organizations. On the other hand, they cannot be flooded with every changing detail. Finding the right balance that enables them to clearly grasp the big picture required in making sound decisions is a task many security...
CVE-2017-9569
CVE-2017-9569 affects the Citizens Bank (TX) cbtx-on-the-go/id892396102 iOS app version 3.0.0, which does not verify X.509 certificates from SSL servers. This permits a network-based attacker to perform a MITM and obtain sensitive information via a crafted certificate. Root cause: missing TLS cer...
iOS FTP On The Go 2.1.2 - HTTP Remote DoS
No description provided by source. !/usr/bin/python Apple Iphone/Ipod - FTP On The Go 2.1.2 - HTTP Remote Denial-of-Service Attack Found by: TecR0c Homepage: http://www.ftponthego.com/ Download: From the Apple App Store - http://app2.it/topapp/286479936 Tested on: IPhone 3G - firmware 3.1.2...
Apple Iphone/Ipod - FTP On The Go 2.1.2 - HTTP Remote DoS
No description provided by source. !/usr/bin/python Apple Iphone/Ipod - FTP On The Go 2.1.2 - HTTP Remote Denial-of-Service Attack Found by: TecR0c Homepage: http://www.ftponthego.com/ Download: From the Apple App Store - http://app2.it/topapp/286479936 Tested on: IPhone 3G - firmware 3.1.2...
Apple iPhone / iPod FTP On The Go 2.1.2 Denial Of Service
!/usr/bin/python Apple Iphone/Ipod - FTP On The Go 2.1.2 - HTTP Remote Denial-of-Service Attack Found by: TecR0c Homepage: http://www.ftponthego.com/ Download: From the Apple App Store - http://app2.it/topapp/286479936 Tested on: IPhone 3G - firmware 3.1.2 Notified vendor about vulnerability...
Apple Iphone/Ipod - FTP On The Go 2.1.2 - HTTP Remote DoS
Exploit for unknown platform in category dos / poc ========================================================= Apple Iphone/Ipod - FTP On The Go 2.1.2 - HTTP Remote DoS ========================================================= !/usr/bin/python Apple Iphone/Ipod - FTP On The Go 2.1.2 - HTTP Remote...