168 matches found
CVE-2024-36017
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLAVFVLANLIST attribute validation Each attribute inside a nested IFLAVFVLANLIST is assumed to be a struct iflavfvlaninfo so the size of such attribute needs to be at least of sizeofstruct iflavfvlaninf...
CVE-2024-36017 rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLAVFVLANLIST attribute validation Each attribute inside a nested IFLAVFVLANLIST is assumed to be a struct iflavfvlaninfo so the size of such attribute needs to be at least of sizeofstruct iflavfvlaninf...
CVE-2024-36017
The CVE-2024-36017 entry is valid and has concrete details in connected sources. The vulnerability is in the Linux kernel rtnetlink path: nested IFLA_VF_VLAN_LIST attributes are assumed to be struct ifla_vf_vlan_info (size 14 bytes). Validation used NLA_HDRLEN (4 bytes), enabling a too-small attr...
CVE-2024-36017 rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLAVFVLANLIST attribute validation Each attribute inside a nested IFLAVFVLANLIST is assumed to be a struct iflavfvlaninfo so the size of such attribute needs to be at least of sizeofstruct iflavfvlaninf...
Laravel Guard bypass in Eloquent models
In laravel releases before 6.18.34 and 7.23.2. It was possible to mass assign Eloquent attributes that included the model's table name: $model-fill'users.name' = 'Taylor'; When doing so, Eloquent would remove the table name from the attribute for you. This was a "convenience" feature of Eloquent...
Oracle Linux 9 : python-jinja2 (ELSA-2024-2348)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-2348 advisory. 2.11.3-5 - Security fix for CVE-2024-22195 Resolves: RHEL-21349 Tenable has extracted the preceding description block directly from the Oracle Linux security...
CVE-2024-3188
CVE-2024-3188 affects the WordPress plugin Shortcodes Ultimate (Shortcodes Plugin) up to version 7.0.x (pre-7.1.0). The issue is a lack of validation/escaping of certain shortcode attributes, which are output back into the page/post containing the shortcode. This can enable Stored Cross-Site Scri...
DEBIAN-CVE-2024-26849
In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nlavalidaterangeunsigned lib/nlattr.c:222 inline BUG: KMSAN: uninit-value in nlavalidateintrange lib/nlattr.c:336 inline BUG: KMSAN: uninit-value in...
Easy Social Feed < 6.5.6 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin PoC...
WordPress Plugin Tabs Shortcode and Widget Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
EulerOS 2.0 SP10 : python-jinja2 (EulerOS-SA-2024-1346)
According to the versions of the python-jinja2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible...
EulerOS 2.0 SP10 : python-jinja2 (EulerOS-SA-2024-1324)
According to the versions of the python-jinja2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible...
Cross site scripting
The Enhanced Text Widget WordPress plugin before 1.6.6 does not validate and escape some of its Widget options before outputting them back in attributes, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is...
SUSE CVE-2023-52520
In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix reference leak If a duplicate attribute is found using ksetfindobj, a reference to that attribute is returned which needs to be disposed accordingly using kobjectput. Move the setting name validation...
Amazon Linux 2023 : python3-jinja2 (ALAS2023-2024-503)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-503 advisory. Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML...
CVE-2024-22195
A cross-site scripting XSS flaw was found in Jinja2 due to the xmlattr filter allowing keys with spaces, contrary to XML/HTML attribute standards. If an application accepts user-input keys and renders them for other users, attackers can inject additional attributes, potentially leading to XSS. Th...
CVE-2024-22195
Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting XSS. The Jinja xmlattr filter can be abused t...
Cross site scripting
Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting XSS. The Jinja xmlattr filter can be abused t...
CVE-2024-22195 Jinja vulnerable to Cross-Site Scripting (XSS)
Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting XSS. The Jinja xmlattr filter can be abused t...
CVE-2024-22195
Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting XSS. The Jinja xmlattr filter can be abused t...