8527 matches found
CVE-2023-52906
In the Linux kernel, the following vulnerability has been resolved: net/sched: actmpls: Fix warning during failed attribute validation The 'TCAMPLSLABEL' attribute is of 'NLAU32' type, but has a validation type of 'NLAVALIDATEFUNCTION'. This is an invalid combination according to the comment abov...
CVE-2023-52906
CVE-2023-52906 affects the Linux kernel’s net/sched code (act_mpls). The TCA_MPLS_LABEL attribute is NLA_U32 but uses NLA_POLICY_VALIDATE_FN, causing nla_get_range_unsigned() warnings due to negative min/max values. The fix changes the attribute type to NLA_BINARY and relocates length validation ...
kernel: NFSv4: Fix memory leak in nfs4_set_security_label
A vulnerability was found in the nfs4setsecuritylabel in the Linux kernel, where the function fails to free the nfsfattr attribute before exiting, leaving said memory allocation present. As the nfs4setsecuritylabel is called repeatedly over time, this may lead to memory exhaustion...
USN-6966-2 firefox regressions
USN-6966-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...
DEBIAN-CVE-2024-43864
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix CT entry update leaks of modify header context The cited commit allocates a new modify header to replace the old one when updating CT entry. But if failed to allocate a new one, eg. exceed the max number firmware c...
jinja2: accepts keys containing non-attribute characters
A flaw was found in jinja2. The xmlattr filter accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate attribute. If an application accepts keys as opposed to only values as user input, and...
CVE-2024-5576
The Tutor LMS Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'coursecarouselskin' attribute within the plugin's Course Carousel widget in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping on user supplie...
CVE-2024-5763
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the videodate attribute within the plugin's Video widget in all versions up to, and including, 5.6.2 due to insufficient inpu...
SUSE CVE-2024-44070
An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...
openSUSE Security Advisory (SUSE-SU-2024:1863-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : Jinja2 -- Vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter (04c9c3f8-5ed3-11ef-8262-b0416f0c4c67)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 04c9c3f8-5ed3-11ef-8262-b0416f0c4c67 advisory. [email protected] reports: Jinja is an extensible templating engine. The xmlattr filter in...
Cross Site Scripting (XSS)
bootstrap is vulnerable to Cross Site Scripting XSS. The vulnerability is caused due to a missing sanitization in the href attribute of the tag while working with data-slide and data-slide-to attributes. This could enable an attacker to execute arbitrary JavaScript within the victim's browser...
USN-6966-1 firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-7518, CVE-2024-7521,...
AZL-47868 CVE-2024-44070 affecting package frr for versions less than 9.1.1-2
An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...
AZL-47862 CVE-2024-44070 affecting package frr for versions less than 8.5.5-1
An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...
DEBIAN-CVE-2024-44070
An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...
UBUNTU-CVE-2024-44070
An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...
mozilla: Out of bounds read in editor component
The Mozilla Foundation Security Advisory describes this flaw as: Editor code failed to check an attribute value. This could have led to an out-of-bounds read...
PT-2024-37912 · WordPress · Wp Last Modified Info
Name of the Vulnerable Software and Affected Versions: WP Last Modified Info plugin for WordPress versions up to, and including, 1.9.0 Description: The issue is related to Stored Cross-Site Scripting via the template attribute of the lmt-post-modified-info shortcode. This is due to insufficient...