CVE-2024-49902

...

WordPress I Plant A Tree plugin <= 1.7.3 - CSRF to Stored Cross-Site Scripting vulnerability

CSRF to Stored Cross-Site Scripting vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin I Plant A Tree versions = 1.7.3...

CVE-2023-29173

Missing Authorization vulnerability in AwesomeTOGI Product Category Tree product-category-tree allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Category Tree: from n/a through = 2.5...

CVE-2023-29173

Missing Authorization vulnerability in AWESOME TOGI Product Category Tree allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Category Tree: from n/a through 2.5...

CVE-2023-29173

CVE-2023-29173: WordPress Product Category Tree plugin

PT-2024-12206 · Unknown · Awesome Togi Product Category Tree

Name of the Vulnerable Software and Affected Versions: AWESOME TOGI Product Category Tree versions n/a through 2.5 Description: The issue is related to a Missing Authorization vulnerability in the AWESOME TOGI Product Category Tree, which allows exploitation of incorrectly configured access contr...

SUSE CVE-2024-53109

In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vmaiterprealloc When deleting a vma entry from a maple tree, it has to pass NULL to vmaiterprealloc in order to calculate internal state of the tree, but it passed a wrong argument. As a result, nommu...

GHSA-9R9M-FFP6-9X4V vue-i18n has cross-site scripting vulnerability with prototype pollution

Vulnerability type XSS Description vue-i18n can be passed locale messages to createI18n or useI18n. we can then translate them using t and $t. vue-i18n has its own syntax for local messages, and uses a message compiler to generate AST. In order to maximize the performance of the translation...

CVE-2024-53109

In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vmaiterprealloc When deleting a vma entry from a maple tree, it has to pass NULL to vmaiterprealloc in order to calculate internal state of the tree, but it passed a wrong argument. As a result, nommu...

DEBIAN-CVE-2024-53109

In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vmaiterprealloc When deleting a vma entry from a maple tree, it has to pass NULL to vmaiterprealloc in order to calculate internal state of the tree, but it passed a wrong argument. As a result, nommu...

AZL-54126 CVE-2024-53109 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vmaiterprealloc When deleting a vma entry from a maple tree, it has to pass NULL to vmaiterprealloc in order to calculate internal state of the tree, but it passed a wrong argument. As a result, nommu...

UBUNTU-CVE-2024-53109

In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vmaiterprealloc When deleting a vma entry from a maple tree, it has to pass NULL to vmaiterprealloc in order to calculate internal state of the tree, but it passed a wrong argument. As a result, nommu...

CVE-2024-53109 nommu: pass NULL argument to vma_iter_prealloc()

In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vmaiterprealloc When deleting a vma entry from a maple tree, it has to pass NULL to vmaiterprealloc in order to calculate internal state of the tree, but it passed a wrong argument. As a result, nommu...

SUSE-SU-2024:4103-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47589: igbvf: fix double free in igbvfprobe bsc1226557. - CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1231893. - CVE-2022-48960: net:...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48879: efi: fix NULL-deref in init error path bsc1229556. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1231893. CVE-2022-48959: net: dsa:...

Malicious code in json-tree-preview (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0892c74ee2d08c098ac37071b098b7b98d3d6e56f4ed823199117411d0538e4a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10983 Malicious code in json-tree-preview (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0892c74ee2d08c098ac37071b098b7b98d3d6e56f4ed823199117411d0538e4a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Elevate Cyber Defense with Qualys Advanced Hunting

Introduction In today’s cyber threat landscape, proactive approaches such as threat hunting have become key in any organization’s defense strategy, identifying and tackling threats before they become an incident. That is why Qualys is delighted to introduce Advanced Hunting , our threat-hunting...

USN-7121-3 linux-oracle vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ATM...

CVE-2024-50200

In the Linux kernel, the following vulnerability has been resolved: mapletree: correct tree corruption on spanning store Patch series "mapletree: correct tree corruption on spanning store", v3. There has been a nasty yet subtle maple tree corruption bug that appears to have been in existence sinc...