249 matches found
PT-2025-1511 · Kwhotel · Kwhotel
Name of the Vulnerable Software and Affected Versions: KWHotel version 0.47 Description: The issue concerns CSV Formula Injection in the invoice adding function. This allows for potential exploitation through malicious formula injection in CSV files. Recommendations: For KWHotel version 0.47,...
SourceCodester Phone Contact Manager System 安全漏洞
SourceCodester Phone Contact Manager System is an open source phone contact management system from SourceCodester. A security vulnerability exists in version 1.0 of the SourceCodester Phone Contact Manager System, which stems from an incorrect input validation issue contained in the...
PT-2024-17564 · Unknown · Sourcecodester Phone Contact Manager System
Name of the Vulnerable Software and Affected Versions: SourceCodester Phone Contact Manager System version 1.0 Description: A vulnerability has been found in the SourceCodester Phone Contact Manager System, classified as problematic. The issue is related to improper input validation, affecting th...
CVE-2024-31695
A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS v2.85.4, allows attackers to bypass authentication when adding a new fingerprint...
Binance 安全漏洞
Binance is a cryptocurrency trading platform from Binance. Binance suffers from a security vulnerability that stems from a misconfiguration of the fingerprint authentication mechanism, which allows an attacker to bypass authentication when adding a new fingerprint...
CVE-2024-50122 PCI: Hold rescan lock while adding devices during host probe
In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...
CVE-2024-50122 PCI: Hold rescan lock while adding devices during host probe
In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the PCI module failing to properly hold a rescan lock when adding a device, which could cause the kernel to cras...
CVE-2024-49939 wifi: rtw89: avoid to add interface to list twice when SER
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to add interface to list twice when SER If SER L2 occurs during the WoWLAN resume flow, the add interface flow is triggered by ieee80211reconfig. However, due to rtw89wowresume return failure, it will cause the...
WordPress WooCommerce Multiple Free Gift plugin <= 1.2.3 - Insufficient Server-Side Validation to Arbitrary Gift Adding vulnerability
Insufficient Server-Side Validation to Arbitrary Gift Adding vulnerability discovered by Danielius Vargonas in WordPress Plugin WooCommerce Multiple Free Gift versions = 1.2.3...
CVE-2022-3459 WooCommerce Multiple Free Gift <= 1.2.3 - Insufficient Server-Side Validation to Arbitrary Gift Adding
The WooCommerce Multiple Free Gift plugin for WordPress is vulnerable to gift manipulation in all versions up to, and including, 1.2.3. This is due to plugin not enforcing server-side checks on the products that can be added as a gift. This makes it possible for unauthenticated attackers to add...
CVE-2022-3459 WooCommerce Multiple Free Gift <= 1.2.3 - Insufficient Server-Side Validation to Arbitrary Gift Adding
The WooCommerce Multiple Free Gift plugin for WordPress is vulnerable to gift manipulation in all versions up to, and including, 1.2.3. This is due to plugin not enforcing server-side checks on the products that can be added as a gift. This makes it possible for unauthenticated attackers to add...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly handle the device busy state when adding a serial port. No details of the vulnerabilit...
AZL-47817 CVE-2024-43374 affecting package vim for versions less than 9.0.2190-5
The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this triggers Buf autocommands. If in such an autocommand the buffer that was just opened is closed including the window where it is shown, this causes...
CVE-2024-42103
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix adding block group to a reclaim list and the unused list during reclaim There is a potential parallel list adding for retrying in btrfsreclaimbgswork and adding to the unused list. Since the block group is removed from...
CVE-2024-42103 btrfs: fix adding block group to a reclaim list and the unused list during reclaim
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix adding block group to a reclaim list and the unused list during reclaim There is a potential parallel list adding for retrying in btrfsreclaimbgswork and adding to the unused list. Since the block group is removed from...
CVE-2024-42103 btrfs: fix adding block group to a reclaim list and the unused list during reclaim
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix adding block group to a reclaim list and the unused list during reclaim There is a potential parallel list adding for retrying in btrfsreclaimbgswork and adding to the unused list. Since the block group is removed from...
CVE-2024-6023 ContentLock <= 1.0.3 - Email Adding via CSRF
The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when adding emails, which could allow attackers to make a logged in admin perform such action via a CSRF attack...
CVE-2024-38626
In the Linux kernel, the following vulnerability has been resolved: fuse: clear FRSENT when re-adding requests into pending list The following warning was reported by lee bruce: ------------ cut here ------------ WARNING: CPU: 0 PID: 8264 at fs/fuse/dev.c:300 fuserequestend+0x685/0x7e0...
CVE-2024-38626 fuse: clear FR_SENT when re-adding requests into pending list
In the Linux kernel, the following vulnerability has been resolved: fuse: clear FRSENT when re-adding requests into pending list The following warning was reported by lee bruce: ------------ cut here ------------ WARNING: CPU: 0 PID: 8264 at fs/fuse/dev.c:300 fuserequestend+0x685/0x7e0...