
14 matches found

Patchstack
added 2025/12/31 12:0 a.m., 4 views

WordPress Master Slider - Responsive Touch Slider plugin <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode vulnerability

WordPress Master Slider - Responsive Touch Slider plugin <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode vulnerability discovered by Krzysztof Zając - CERT PL in WordPress Plugin Master Slider versions <= 3.10.6...

CVSS 6.4, AI score 8.4, EPSS 0.00173
Exploits: 0, References: 1, Affected Software: 1

OSV
added 2025/03/05 10:15 a.m., 1 views

CVE-2024-11731

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's msslider shortcode in all versions up to, and including, 3.10.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVSS 5.4, AI score 7.4
Exploits: 0, References: 3

OpenVAS
added 2024/11/20 12:0 a.m., 9 views

aiohttp 3.10.6 < 3.10.11 Memory Leak Vulnerability - Windows

aiohttp is prone to a memory leak vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:aio-libsproject:aiohttp";...

CVSS 8.7, AI score 7.5, EPSS 0.00421
Exploits: 0, References: 1

CNNVD
added 2024/11/18 12:0 a.m., 1 views

aiohttp security vulnerability

aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python from aio-libs open source. A security vulnerability exists in aiohttp version 3.10.6 through versions prior to 3.10.11, which stems from the presence of a memory leak, where an attacker may be able to exhau...

CVSS 8.7, AI score 7.8, EPSS 0.00421
Exploits: 0, References: 4

Positive Technologies
added 2024/11/18 12:0 a.m., 2 views

PT-2024-8691 · Aiohttp · Aiohttp

Name of the Vulnerable Software and Affected Versions: aiohttp versions 3.10.6 through 3.10.10 Description: A memory leak can occur when a request produces a MatchInfoError. This issue is caused by adding an entry to a cache on each request, due to the building of each MatchInfoError producing a...

CVSS 8.7, AI score 6.6, EPSS 0.00421
Exploits: 0, References: 18

CNNVD
added 2024/03/29 12:0 a.m., 3 views

JumpServer security vulnerability

JumpServer is an open source bastion machine from Hangzhou Feizhiyun Information Technology Co. in China. A security vulnerability exists in JumpServer versions prior to v3.10.6, which stems from the fact that if an authorized attacker manages to learn the playbookid of another user, they can gai...

CVSS 5.3, AI score 6.4, EPSS 0.00154
Exploits: 0, References: 2

SUSE CVE
added 2023/02/15 5:36 a.m., 1 views

SUSE CVE-2013-4205

Memory leak in the unshare_userns function in kernel/user_namespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service (memory consumption) via an invalid CLONE_NEWUSER unshare call...

CVSS 4.7, AI score 5.8, EPSS 0.00107
Exploits: 2, References: 3

CNVD
added 2022/03/31 12:0 a.m., 26 views

Joomla! input validation error vulnerability (CNVD-2022-64098)

Joomla! is a set of forum components used in the Joomla! content management system. Versions 2.5.0 to 3.10.6 and 4.0.0 to 4.1.0 contain an input validation error vulnerability that can be exploited by attackers to invalidate the check of whether the redirected URL is internal, possibly leading to...

CVSS 6.1, AI score 3.9, EPSS 0.00033
Exploits: 0, References: 1

Prion
added 2022/03/30 4:15 p.m., 12 views

Path traversal

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting a specifically crafted tar package could write files outside of the intended path...

CVSS 5, AI score 7.5, EPSS 0.00049
Exploits: 3, References: 2, Affected Software: 1

Packet Storm
added 2022/03/30 12:0 a.m., 258 views

Joomla! 4.1.0 Zip Slip File Overwrite / Path Traversal

------------------------------------------------- Joomla! getTarInfo$this-data; 114. 115. for $i = 0, $n = \count$this-metadata; $i metadata$i'type'; 118. 119. if $type == 'file' || $type == 'unix file' 120. 121. $buffer = $this-metadata$i'data'; 122. $path = Path::clean$destination . '/'...

AI score 0.1, EPSS 0.00049
Exploits: 3

vulnersOsv
added 2020/02/21 6:55 p.m., 3 views

ai.catboost:catboost-spark_3.1_2.12 (>=1.0.1 <=1.2.8), ai.catboost:catboost-spark_3.2_2.12 (>=1.0.6 <=1.2.10) +7009 more potentially affected by CVE-2019-20444 via io.netty:netty (>=3.10.0.Final <=3.10.6.Final)

io.netty:netty MAVEN version =3.10.0.Final, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.3, =0.1.7, =0.1.7, =0.10.0, =0.10.0, =0.10.0, =0.15.0 and more Source cves: CVE-2019-20444 Source advisory: OSV:GHSA-CQQJ-4P63-RRMM...

CVSS 9.1, AI score 6.8, EPSS 0.1832
Exploits: 1

OSV
added 2019/11/26 12:15 a.m., 2 views

CVE-2019-15595

A privilege escalation exists in UniFi Video Controller =3.10.6 that would allow an attacker on the local machine to run arbitrary commands...

CVSS 8.8, AI score 7.4, EPSS 0.0066
Exploits: 0, References: 1

OSV
added 2013/08/25 3:27 a.m., 1 views

DEBIAN-CVE-2013-4205

Memory leak in the unshare_userns function in kernel/user_namespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service (memory consumption) via an invalid CLONE_NEWUSER unshare call...

CVSS 4.7, AI score 5.7, EPSS 0.00107
Exploits: 2, References: 1

Positive Technologies
added 2013/08/24 12:0 a.m., 2 views

PT-2013-4896 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.10.6 Description: The issue is related to a memory leak in the unshare_userns function, which can be triggered by local users through an invalid CLONE_NEWUSER unshare call, leading to a denial of service due t...

CVSS 4.7, AI score 5.8, EPSS 0.00107
Exploits: 2, References: 17