8524 matches found
Exposed Dangerous Method or Function
Overview asteval is a Safe, minimalistic evaluator of python expression using ast module Affected versions of this package are vulnerable to Exposed Dangerous Method or Function stems from the library's attribute access verification method, specifically within the onattribute node handler. The...
ASTEVAL Allows Malicious Tampering of Exposed AST Nodes Leads to Sandbox Escape
Summary If an attacker can control the input to the asteval library, they can bypass its safety restrictions and execute arbitrary Python code within the application's context. Details The vulnerability is rooted in how asteval performs attribute access verification. In particular, the onattribut...
CVE-2024-12118
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Event Calendar Link Widget through the htmltag attribute in all versions up to, and including, 6.9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...
WordPress plugin The Events Calendar 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-5646 · Asteval · Asteval
Name of the Vulnerable Software and Affected Versions: asteval affected versions not specified Description: The issue arises from how asteval performs attribute access verification, specifically in the on attribute node handler. This handler prevents access to attributes that are either present i...
CVE-2025-23044
PwnDoc is a penetration test report generator. There is no CSRF protection in pwndoc, allowing attackers to send requests on a logged-in user's behalf. This includes GET and POST requests due to the missing SameSite= attribute on cookies and the ability to refresh cookies. Commit...
CVE-2025-23044 Cross-Site Request Forgery (CSRF) allows creating admin account with POST request
PwnDoc is a penetration test report generator. There is no CSRF protection in pwndoc, allowing attackers to send requests on a logged-in user's behalf. This includes GET and POST requests due to the missing SameSite= attribute on cookies and the ability to refresh cookies. Commit...
CVE-2025-23044 Cross-Site Request Forgery (CSRF) allows creating admin account with POST request
PwnDoc is a penetration test report generator. There is no CSRF protection in pwndoc, allowing attackers to send requests on a logged-in user's behalf. This includes GET and POST requests due to the missing SameSite= attribute on cookies and the ability to refresh cookies. Commit...
CVE-2025-21653
In the Linux kernel, the following vulnerability has been resolved: netsched: clsflow: validate TCAFLOWRSHIFT attribute syzbot found that TCAFLOWRSHIFT attribute was not validated. Right shitfing a 32bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in...
SUSE CVE-2025-21653
In the Linux kernel, the following vulnerability has been resolved: netsched: clsflow: validate TCAFLOWRSHIFT attribute syzbot found that TCAFLOWRSHIFT attribute was not validated. Right shitfing a 32bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in...
DEBIAN-CVE-2025-21653
In the Linux kernel, the following vulnerability has been resolved: netsched: clsflow: validate TCAFLOWRSHIFT attribute syzbot found that TCAFLOWRSHIFT attribute was not validated. Right shitfing a 32bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in...
CVE-2025-21653
In the Linux kernel, the following vulnerability has been resolved: netsched: clsflow: validate TCAFLOWRSHIFT attribute syzbot found that TCAFLOWRSHIFT attribute was not validated. Right shitfing a 32bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in...
CVE-2025-21653 net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
In the Linux kernel, the following vulnerability has been resolved: netsched: clsflow: validate TCAFLOWRSHIFT attribute syzbot found that TCAFLOWRSHIFT attribute was not validated. Right shitfing a 32bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in...
CVE-2025-21653
In the Linux kernel, the following vulnerability has been resolved: netsched: clsflow: validate TCAFLOWRSHIFT attribute syzbot found that TCAFLOWRSHIFT attribute was not validated. Right shitfing a 32bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the clsflow module not validating the TCAFLOWRSHIFT attribute, which could result in out-of-range shift...
SUSE CVE-2024-47068
Rollup is a module bundler for JavaScript. Versions prior to 2.79.2, 3.29.5, and 4.22.4 are susceptible to a DOM Clobbering vulnerability when bundling scripts with properties from import.meta e.g., import.meta.url in cjs/umd/iife format. The DOM Clobbering gadget can lead to cross-site scripting...
SUSE CVE-2024-57895
In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTRCTIME flags when setting mtime David reported that the new warning from setattrcopymgtime is coming like the following. 113.215316 ------------ cut here ------------ 113.215974 WARNING: CPU: 1 PID: 31 at...
CVE-2024-47605
silverstripe-asset-admin is a silverstripe assets gallery for asset management. When using the "insert media" functionality, the linked oEmbed JSON includes an HTML attribute which will replace the embed shortcode. The HTML is not sanitized before replacing the shortcode, allowing a script payloa...
Cross-site Scripting (XSS)
Overview silverstripe/framework is a PHP framework forming the base for the SilverStripe CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the insert media functionality where the linked oEmbed JSON includes an HTML attribute which replaces the embed shortcode...
CVE-2024-53689
...