168 matches found
Default configuration
In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...
CVE-2022-48424
In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...
Complianz - GDPR/CCPA Cookie Consent < 6.4.2 - Contributor+ Stored XSS
The plugins do not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC cmplz-consent-area...
Cross site scripting
The WP Responsive Testimonials Slider And Widget WordPress plugin through 1.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...
GSD-2023-1002236 net/sched: act_mpls: Fix warning during failed attribute validation
net/sched: actmpls: Fix warning during failed attribute validation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.229 by commit...
GSD-2023-1002185 net/sched: act_mpls: Fix warning during failed attribute validation
net/sched: actmpls: Fix warning during failed attribute validation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.164 by commit...
GSD-2023-1002119 net/sched: act_mpls: Fix warning during failed attribute validation
net/sched: actmpls: Fix warning during failed attribute validation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.89 by commit...
GSD-2023-1001994 net/sched: act_mpls: Fix warning during failed attribute validation
net/sched: actmpls: Fix warning during failed attribute validation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...
CVE-2023-0169
The Zoho Forms WordPress plugin before 3.0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
PT-2023-35312 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.229 Description: The issue is related to a warning during failed attribute validation in the act mpls component of the Linux Kernel. The actual impact and attack plausibility have not yet been proven...
PT-2023-35261 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.164 Description: A potential security issue exists due to a warning during failed attribute validation in the act mpls component of the Linux Kernel. The actual impact and attack plausibility have not yet...
PT-2023-35195 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.89 Description: The issue is related to a warning during failed attribute validation in the act mpls component of the Linux Kernel. The actual impact and attack plausibility have not yet been proven...
PT-2023-35070 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: The issue is related to a warning during failed attribute validation in the act mpls component of the Linux Kernel's net/sched module. The actual impact and attack plausibility have not yet...
PT-2023-14508 · WordPress · Amr Shortcode Any Widget
Name of the Vulnerable Software and Affected Versions: amr shortcode any widget WordPress plugin versions prior to 4.0 Description: The issue concerns the amr shortcode any widget WordPress plugin, where it fails to validate and escape some of its shortcode attributes before outputting them back ...
WordPress plugin TemplatesNext ToolKit 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
CVE-2022-4836
The Breadcrumb WordPress plugin before 1.5.33 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege...
Cross site scripting
The My YouTube Channel WordPress plugin before 3.23.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
GSD-2023-1001814 net/sched: act_mpls: Fix warning during failed attribute validation
net/sched: actmpls: Fix warning during failed attribute validation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.229 by commit...
GSD-2023-1001790 net/sched: act_mpls: Fix warning during failed attribute validation
net/sched: actmpls: Fix warning during failed attribute validation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.164 by commit...
GSD-2023-1001756 net/sched: act_mpls: Fix warning during failed attribute validation
net/sched: actmpls: Fix warning during failed attribute validation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.89 by commit...