8539 matches found
MAL-2024-6719 Malicious code in attribute-normalizer-extras (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
WordPress The7 theme <= 11.13.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via url Attribute vulnerability discovered by wesley wcraft in WordPress Theme The7 versions = 11.13.0...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the sanitycheckinode function not performing a sanity check on ixattrnid...
SUSE CVE-2024-38659
In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribute IFLAPORTPROFILE is of length PORTPROFILEMAX and that the nl attributes IFLAPORTINSTANCEUUID, IFLAPORTHOSTUUID are of length...
Medium: python-jinja2
Issue Overview: Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate attribute. If an application...
Medium: python3-jinja2
Issue Overview: Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate attribute. If an application...
CVE-2024-38659
In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribute IFLAPORTPROFILE is of length PORTPROFILEMAX and that the nl attributes IFLAPORTINSTANCEUUID, IFLAPORTHOSTUUID are of length...
CVE-2024-38659
In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribute IFLAPORTPROFILE is of length PORTPROFILEMAX and that the nl attributes IFLAPORTINSTANCEUUID, IFLAPORTHOSTUUID are of length...
UBUNTU-CVE-2024-38659
In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribute IFLAPORTPROFILE is of length PORTPROFILEMAX and that the nl attributes IFLAPORTINSTANCEUUID, IFLAPORTHOSTUUID are of length...
CVE-2024-38659 enic: Validate length of nl attributes in enic_set_vf_port
In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribute IFLAPORTPROFILE is of length PORTPROFILEMAX and that the nl attributes IFLAPORTINSTANCEUUID, IFLAPORTHOSTUUID are of length...
SUSE CVE-2024-36974
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP If one TCATAPRIOATTRPRIOMAP attribute has been provided, taprioparsemqprioopt must validate it, or userspace can inject arbitrary data to the kernel, the second time...
SUSE CVE-2024-38539
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdmacore observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized mempool available:36041...
CVE-2024-5344
The The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘forgoturl’ attribute within the plugin's WP Login & Register widget in all versions up to, and including, 5.5.6 due to insufficient input sanitization and output escaping...
WordPress plugin PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode security vulnerability
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress plugin PayPal Pay Now, Buy Now, Donation...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from the enic module not validating the length of the nl attribute in enicsetvfport...
PT-2024-32622 · WordPress · Youzify – Buddypress Community
Name of the Vulnerable Software and Affected Versions: The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress versions 1.2.5 and earlier Description: The issue allows authenticated attackers with Contributor-level access and above to perform SQL Injecti...
PT-2024-35741 · WordPress · The Plus Addons For Elementor Page Builder
Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor Page Builder plugin for WordPress versions up to, and including, 5.5.6 Description: The issue is related to Reflected Cross-Site Scripting via the forgoturl attribute within the plugin's WP Login & Register widge...
DEBIAN-CVE-2024-38539
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdmacore observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized mempool available:36041...
UBUNTU-CVE-2024-38539
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdmacore observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized mempool available:36041...
DEBIAN-CVE-2024-36974
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP If one TCATAPRIOATTRPRIOMAP attribute has been provided, taprioparsemqprioopt must validate it, or userspace can inject arbitrary data to the kernel, the second time...