2121 matches found
DEBIAN-CVE-2024-41005
In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpollowneractive KCSAN detected a race condition in netpoll: BUG: KCSAN: data-race in netrxaction / netpollsendskb write marked to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10: netrxaction...
UBUNTU-CVE-2024-41005
In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpollowneractive KCSAN detected a race condition in netpoll: BUG: KCSAN: data-race in netrxaction / netpollsendskb write marked to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10: netrxaction...
WordPress Poll Maker 5.3.2 SQL Injection
Exploit Title: WordPress Poll Maker Plugin SQL Injection Date: 2024-07-11 Exploit Author: tmrswrr Category : Webapps Vendor: https://ays-pro.com/wordpress/poll-maker Version 5.3.2 1. Access the Admin Panel: - Navigate to the admin panel of your WordPress site. - Go to Poll Maker Results...
WordPress Poll 2.3.6 SQL Injection Vulnerability
Exploit Title: WordPress Poll Plugin SQL Injection Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://total-soft.com/wp-poll/ Version 2.3.6 1. Access the Admin Panel: - Navigate to the admin panel of your WordPress site. - Go to TS Poll Create Pool Use Theme and save it...
kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context
An operation precedence flaw was found in the Linux kernel’s Mellanox Technologies networking driver. This flaw allows a local user to crash the system or potentially gain access to data that should not be accessible...
kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context
An operation precedence flaw was found in the Linux kernel’s Mellanox Technologies networking driver. This flaw allows a local user to crash the system or potentially gain access to data that should not be accessible...
WordPress Poll 2.3.6 SQL Injection
Exploit Title: WordPress Poll Plugin SQL Injection Date: 2024-07-06 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://total-soft.com/wp-poll/ Version 2.3.6 1. Access the Admin Panel: - Navigate to the admin panel of your WordPress site. - Go to TS Poll Create Pool Use Theme and...
CVE-2024-2235
The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users vote on any polls, including those they don't have access to via a CSRF attack...
CVE-2024-2235
The CVE-2024-2235 entry concerns the Himer WordPress theme pre-2.1.1 lacking CSRF checks in multiple areas, enabling CSRF-based vote manipulation on polls (including restricted ones). Affected product: Himer WordPress theme
kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context
An operation precedence flaw was found in the Linux kernel’s Mellanox Technologies networking driver. This flaw allows a local user to crash the system or potentially gain access to data that should not be accessible...
kernel: block: null_blk: end timed out poll request
In the Linux kernel, the following vulnerability has been resolved: block: nullblk: end timed out poll request When poll request is timed out, it is removed from the poll list, but not completed, so the request is leaked, and never get chance to complete. Fix the issue by ending it in timeout...
SUSE CVE-2024-38553
In the Linux kernel, the following vulnerability has been resolved: net: fec: remove .ndopollcontroller to avoid deadlocks There is a deadlock issue found in sungem driver, please refer to the commit ac0a230f719b "eth: sungem: remove .ndopollcontroller to avoid deadlocks". The root cause of the...
SUSE CVE-2024-38597
In the Linux kernel, the following vulnerability has been resolved: eth: sungem: remove .ndopollcontroller to avoid deadlocks Erhard reports netpoll warnings from sungem: netpollsendskbondev: eth0 enabled interrupts in poll gemstartxmit+0x0/0x398 WARNING: CPU: 1 PID: 1 at net/core/netpoll.c:370...
SUSE CVE-2024-38580
In the Linux kernel, the following vulnerability has been resolved: epoll: be better about file lifetimes epoll can call out to vfspoll with a file pointer that may race with the last 'fput'. That would make fcount go down to zero, and while the ep-mtx locking means that the resulting file pointe...
CVE-2022-48745
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use deltimersync in fw reset flow of halting poll Substitute deltimer with deltimersync in fw reset polling deactivation flow, in order to prevent a race condition which occurs when deltimer is called and timer is...
DEBIAN-CVE-2024-38580
In the Linux kernel, the following vulnerability has been resolved: epoll: be better about file lifetimes epoll can call out to vfspoll with a file pointer that may race with the last 'fput'. That would make fcount go down to zero, and while the ep-mtx locking means that the resulting file pointe...
AZL-48252 CVE-2024-38553 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: fec: remove .ndopollcontroller to avoid deadlocks There is a deadlock issue found in sungem driver, please refer to the commit ac0a230f719b "eth: sungem: remove .ndopollcontroller to avoid deadlocks". The root cause of the...
DEBIAN-CVE-2024-38553
In the Linux kernel, the following vulnerability has been resolved: net: fec: remove .ndopollcontroller to avoid deadlocks There is a deadlock issue found in sungem driver, please refer to the commit ac0a230f719b "eth: sungem: remove .ndopollcontroller to avoid deadlocks". The root cause of the...
UBUNTU-CVE-2024-38597
In the Linux kernel, the following vulnerability has been resolved: eth: sungem: remove .ndopollcontroller to avoid deadlocks Erhard reports netpoll warnings from sungem: netpollsendskbondev: eth0 enabled interrupts in poll gemstartxmit+0x0/0x398 WARNING: CPU: 1 PID: 1 at net/core/netpoll.c:370...
Himer - Social Questions and Answers < 2.1.1 - Bypass Poll Voting Restrictions via CSRF
Description The theme does not have CSRF checks in some places, which could allow attackers to make users vote on any polls, including those they don't have access to via a CSRF attack PoC The PoC will be displayed on June 26, 2024, to give users the time to update...