WordPress plugin ApplyOnline Application Form Builder and Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-18653 · WordPress · Applyonline

Name of the Vulnerable Software and Affected Versions: ApplyOnline – Application Form Builder and Manager plugin for WordPress versions up to, and including, 2.6 Description: The issue allows authenticated attackers with subscriber access or higher to view Application submissions due to a missing...

Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.12.0 release and security update

Red Hat AMQ Broker 7.12.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVE-2024-35995

A vulnerability was found in the ACPI subsystem's CPPC driver in the Linux kernel. This issue occurs due to the mishandling of memory access bit width during performance capability calculations, which can lead to misaligned memory accesses and cause kernel panics on affected platforms...

SUSE CVE-2024-35815

In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCBAIORW before the struct aiokiocb conversion The first kiocbsetcancelfn argument may point at a struct kiocb that is not embedded inside struct aiokiocb. With the current code, depending on the compiler, the...

SUSE CVE-2024-35830

In the Linux kernel, the following vulnerability has been resolved: media: tc358743: register v4l2 async device only after successful setup Ensure the device has been setup correctly before registering the v4l2 async device, thus allowing userspace to access...

CVE-2024-35926

CVE-2024-35926 : In the Linux kernel, the crypto IA A group fixes an async_disable descriptor leak in the iaa_compress/decompress paths. The root cause was that disable_async paths did not free idxd descriptors, leaking resources in tests where req->dst is null. A patch adds a proper free, res...

CVE-2024-35879

In the Linux kernel, the following vulnerability has been resolved: of: dynamic: Synchronize ofchangesetdestroy with the devlink removals In the following sequence: 1 ofplatformdepopulate 2 ofoverlayremove During the step 1, devices are destroyed and devlinks are removed. During the step 2, OF...

DEBIAN-CVE-2024-35874

In the Linux kernel, the following vulnerability has been resolved: aio: Fix null ptr deref in aiocomplete wakeup listdelinitcareful needs to be the last access to the wait queue entry - it effectively unlocks access. Previously, finishwait would see the empty list head and skip taking the lock,...

DEBIAN-CVE-2024-35830

In the Linux kernel, the following vulnerability has been resolved: media: tc358743: register v4l2 async device only after successful setup Ensure the device has been setup correctly before registering the v4l2 async device, thus allowing userspace to access...

DEBIAN-CVE-2024-35815

In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCBAIORW before the struct aiokiocb conversion The first kiocbsetcancelfn argument may point at a struct kiocb that is not embedded inside struct aiokiocb. With the current code, depending on the compiler, the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly setting up asynchronous devices...

AZL-40546 CVE-2024-27397 affecting package hyperv-daemons for versions less than 6.6.56.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...

AZL-40679 CVE-2024-27397 affecting package hyperv-daemons for versions less than 5.15.158.2-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...

SUSE CVE-2024-27397

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...

RHEL 5 : xsa201_xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xsa201 xen: ARM guests may induce host asynchronous abort XSA-201 CVE-2016-9818 - Xen through 4.7.x allow...

Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1594)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1572)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-27397 netfilter: nf_tables: use timestamp to check for set element timeout

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...

RHEL 8 : nodejs:18 (RHSA-2024:2780)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2780 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...