Lucene search
K

8539 matches found

OSV
OSV
added 2024/06/25 1:49 p.m.8 views

MAL-2024-6719 Malicious code in attribute-normalizer-extras (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0References1
Patchstack
Patchstack
added 2024/06/25 6:51 a.m.5 views

WordPress The7 theme <= 11.13.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via url Attribute vulnerability discovered by wesley wcraft in WordPress Theme The7 versions = 11.13.0...

6.4CVSS5.8AI score0.00326EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/06/25 12:0 a.m.3 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the sanitycheckinode function not performing a sanity check on ixattrnid...

7.1CVSS6.5AI score0.00238EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/06/24 11:15 p.m.2 views

SUSE CVE-2024-38659

In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribute IFLAPORTPROFILE is of length PORTPROFILEMAX and that the nl attributes IFLAPORTINSTANCEUUID, IFLAPORTHOSTUUID are of length...

6.3CVSS6.3AI score0.00245EPSS
Exploits0References16
Amazon
Amazon
added 2024/06/24 12:0 a.m.57 views

Medium: python-jinja2

Issue Overview: Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate attribute. If an application...

6.1CVSS6.6AI score0.00979EPSS
Exploits0
Amazon
Amazon
added 2024/06/24 12:0 a.m.83 views

Medium: python3-jinja2

Issue Overview: Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate attribute. If an application...

6.1CVSS6.6AI score0.00979EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/06/21 2:27 p.m.21 views

CVE-2024-38659

In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribute IFLAPORTPROFILE is of length PORTPROFILEMAX and that the nl attributes IFLAPORTINSTANCEUUID, IFLAPORTHOSTUUID are of length...

5.5CVSS6.9AI score0.00245EPSS
Exploits0References4
NVD
NVD
added 2024/06/21 11:15 a.m.18 views

CVE-2024-38659

In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribute IFLAPORTPROFILE is of length PORTPROFILEMAX and that the nl attributes IFLAPORTINSTANCEUUID, IFLAPORTHOSTUUID are of length...

7.1CVSS0.00245EPSS
Exploits0References11
OSV
OSV
added 2024/06/21 11:15 a.m.8 views

UBUNTU-CVE-2024-38659

In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribute IFLAPORTPROFILE is of length PORTPROFILEMAX and that the nl attributes IFLAPORTINSTANCEUUID, IFLAPORTHOSTUUID are of length...

7.1CVSS6.2AI score0.00245EPSS
Exploits0References30
Vulnrichment
Vulnrichment
added 2024/06/21 10:28 a.m.19 views

CVE-2024-38659 enic: Validate length of nl attributes in enic_set_vf_port

In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribute IFLAPORTPROFILE is of length PORTPROFILEMAX and that the nl attributes IFLAPORTINSTANCEUUID, IFLAPORTHOSTUUID are of length...

7AI score0.00245EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/06/21 3:6 a.m.8 views

SUSE CVE-2024-36974

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP If one TCATAPRIOATTRPRIOMAP attribute has been provided, taprioparsemqprioopt must validate it, or userspace can inject arbitrary data to the kernel, the second time...

7.8CVSS6.3AI score0.00281EPSS
Exploits0References27
SUSE CVE
SUSE CVE
added 2024/06/21 3:6 a.m.5 views

SUSE CVE-2024-38539

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdmacore observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized mempool available:36041...

2.3CVSS6.8AI score0.00225EPSS
Exploits0References10
OSV
OSV
added 2024/06/21 2:15 a.m.8 views

CVE-2024-5344

The The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘forgoturl’ attribute within the plugin's WP Login & Register widget in all versions up to, and including, 5.5.6 due to insufficient input sanitization and output escaping...

6.1CVSS6AI score0.0031EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/21 12:0 a.m.2 views

WordPress plugin PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode security vulnerability

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress plugin PayPal Pay Now, Buy Now, Donation...

6.1CVSS6.7AI score0.00315EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/06/21 12:0 a.m.2 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from the enic module not validating the length of the nl attribute in enicsetvfport...

7.1CVSS6.5AI score0.00245EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/06/20 12:0 a.m.4 views

PT-2024-32622 · WordPress · Youzify – Buddypress Community

Name of the Vulnerable Software and Affected Versions: The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress versions 1.2.5 and earlier Description: The issue allows authenticated attackers with Contributor-level access and above to perform SQL Injecti...

9.8CVSS7.8AI score0.005EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/06/20 12:0 a.m.8 views

PT-2024-35741 · WordPress · The Plus Addons For Elementor Page Builder

Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor Page Builder plugin for WordPress versions up to, and including, 5.5.6 Description: The issue is related to Reflected Cross-Site Scripting via the forgoturl attribute within the plugin's WP Login & Register widge...

6.1CVSS6.8AI score0.0031EPSS
Exploits0References7
OSV
OSV
added 2024/06/19 2:15 p.m.3 views

DEBIAN-CVE-2024-38539

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdmacore observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized mempool available:36041...

5.5CVSS5.4AI score0.00225EPSS
Exploits0References1
OSV
OSV
added 2024/06/19 2:15 p.m.5 views

UBUNTU-CVE-2024-38539

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdmacore observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized mempool available:36041...

5.5CVSS6.5AI score0.00225EPSS
Exploits0References12
OSV
OSV
added 2024/06/18 8:15 p.m.1 views

DEBIAN-CVE-2024-36974

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP If one TCATAPRIOATTRPRIOMAP attribute has been provided, taprioparsemqprioopt must validate it, or userspace can inject arbitrary data to the kernel, the second time...

7.8CVSS6.2AI score0.00281EPSS
Exploits0References1
Rows per page
Query Builder