8528 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that the unit sysfs attribute should not provide more access to nvmem data than the main attribute...
jinja2: accepts keys containing non-attribute characters
A flaw was found in jinja2. The xmlattr filter accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate attribute. If an application accepts keys as opposed to only values as user input, and...
CVE-2024-40575
An issue in Huawei Technologies opengauss openGauss 5.0.0 build v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes...
CVE-2024-6930
The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' attribute within the plugin's bookingform shortcode in all versions up to, and including, 10.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This...
CVE-2024-3454 In-Fabric Matter Cluster Attribute Disclosure
An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the connectedhomeip SDK allows a third party to disclose information about devices part of the same fabric footprinting, even though the protocol is designed to prevent access to such information...
WordPress plugin WP Booking Calendar 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
EulerOS 2.0 SP8 : python-jinja2 (EulerOS-SA-2024-2060)
According to the versions of the python-jinja2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible ...
The vulnerability of the Attribute Admin Setup component of the software application Attribute Admin Setup of the Oracle E-Business Suite allows a malicious individual to gain access to modify, add, or delete data.
The vulnerability of the Attribute Admin Setup component of the Attribute Admin Setup software and the Oracle E-Business Suite system exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or...
389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr)
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in logentryattr...
SUSE CVE-2022-48828
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix iasize underflow iattr::iasize is a lofft, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as an unsigned 64-bit type. Thus there is a range of valid file size values an NFS client can send that is...
CVE-2024-5582
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'url' attribute within the Q&A Block widget in all versions up to, and including, 1.33 due to insufficient input sanitization and output escaping on user supplied attribute...
CVE-2024-5251 Ultimate Addons for WPBakery Page Builder <= 3.19.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimatepricing shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...
SUSE CVE-2024-40972
In the Linux kernel, the following vulnerability has been resolved: ext4: do not create EA inode under buffer lock ext4xattrsetentry creates new EA inodes while holding buffer lock on the external xattr block. This is problematic as it nests all the allocation locking which acquires locks on othe...
WordPress Schema & Structured Data for WP & AMP plugin <= 1.33 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via url Attribute vulnerability discovered by wesley wcraft in WordPress Plugin Schema & Structured Data for WP & AMP versions = 1.33...
PT-2024-36589 · WordPress · Schema & Structured Data For Wp & Amp
Name of the Vulnerable Software and Affected Versions: Schema & Structured Data for WP & AMP plugin for WordPress versions up to, and including, 1.33 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, specifically the url attribute...
CVE-2024-40990
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it. Mitigation Mitigation for th...
CVE-2024-40978
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...
UBUNTU-CVE-2022-48829
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...
IBM Datacap Navigator Information Disclosure Vulnerability (CNVD-2024-33370)
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. An information disclosure vulnerability exists in IBM Datacap Navigator that stems from not setting a security attribute on an authorization token or session cookie, which can be exploited by an attacker t...
EulerOS 2.0 SP9 : python-jinja2 (EulerOS-SA-2024-1971)
According to the versions of the python-jinja2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters...