8541 matches found

NVD
added 2024/05/21 10:15 a.m., 20 views

CVE-2024-4553

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'su_members' shortcode in all versions up to, and including, 7.1.5 due to insufficient input sanitization and output escaping on user supplied 'color' attribute. This...

CVSS 6.4, AI score 5.9, EPSS 0.00322
Exploits: 0, References: 3

CVE
added 2024/05/21 9:31 a.m., 53 views

CVE-2024-4553

CVE-2024-4553 affects the WordPress plugin WP Shortcodes Plugin — Shortcodes Ultimate. The stored XSS flaw occurs in the su_members shortcode due to insufficient input sanitization and output escaping of the color attribute, exploitable by authenticated users with contributor-level access or high...

CVSS 6.4, AI score 5.7, EPSS 0.00322
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2024/05/21 7:15 a.m., 7 views

CVE-2024-4470

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'msslideinfo' shortcode in all versions up to, and including, 3.9.9 due to insufficient input sanitization and output escaping on user supplied 'tagname' attribute. This...

CVSS 5.4, AI score 6, EPSS 0.00322
Exploits: 0, References: 3

SUSE CVE
added 2024/05/21 2:0 a.m., 4 views

SUSE CVE-2024-35790

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group. The DisplayPort driver's sysfs nodes may be present to the userspace before typec_altmode_set_drvdata completes in dp_altmode_probe. This...

CVSS 5.5, AI score 6.4, EPSS 0.00225
Exploits: 0, References: 17

CNNVD
added 2024/05/21 12:0 a.m., 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention between the xattrset|get and listxattr operations...

CVSS 5.5, AI score 4.8, EPSS 0.00236
Exploits: 0, References: 7

CNNVD
added 2024/05/19 12:0 a.m., 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability in the x86/mm/pat module...

CVSS 5.5, AI score 6.4, EPSS 0.00252
Exploits: 0, References: 10

NVD
added 2024/05/18 6:15 a.m., 45 views

CVE-2024-3812

The Salient Core plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.7 via the 'nectaricon' shortcode 'iconlinea' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute...

CVSS 7.5, AI score 7.8, EPSS 0.00632
Exploits: 0, References: 2

Positive Technologies
added 2024/05/18 12:0 a.m., 6 views

PT-2024-27888 · WordPress · Salient Shortcodes

Name of the Vulnerable Software and Affected Versions: Salient Shortcodes plugin for WordPress versions up to, and including, 1.5.3
Description: The Salient Shortcodes plugin for WordPress is vulnerable to Local File Inclusion via the icon shortcode image attribute. This allows authenticated...

CVSS 8.8, AI score 7.7, EPSS 0.00619
Exploits: 0, References: 8

RedhatCVE
added 2024/05/17 10:23 p.m., 23 views

CVE-2024-35790

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group. The DisplayPort driver's sysfs nodes may be present to the userspace before typec_altmode_set_drvdata completes in dp_altmode_probe. This...

CVSS 5.5, AI score 6.5, EPSS 0.00225
Exploits: 0, References: 4

NVD
added 2024/05/17 1:15 p.m., 17 views

CVE-2024-35790

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group. The DisplayPort driver's sysfs nodes may be present to the userspace before typec_altmode_set_drvdata completes in dp_altmode_probe. This...

CVSS 5.5, AI score 6.4, EPSS 0.00225
Exploits: 0, References: 8

OSV
added 2024/05/17 1:15 p.m., 3 views

DEBIAN-CVE-2024-35790

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group. The DisplayPort driver's sysfs nodes may be present to the userspace before typec_altmode_set_drvdata completes in dp_altmode_probe. This...

CVSS 5.5, AI score 5.7, EPSS 0.00225
Exploits: 0, References: 1

UbuntuCve
added 2024/05/17 1:15 p.m., 15 views

CVE-2024-35790

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group. The DisplayPort driver's sysfs nodes may be present to the userspace before typec_altmode_set_drvdata completes in dp_altmode_probe. This...

CVSS 5.5, AI score 6.3, EPSS 0.00225
Exploits: 0, References: 15

OSV
added 2024/05/17 1:15 p.m., 1 views

UBUNTU-CVE-2024-35790

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group. The DisplayPort driver's sysfs nodes may be present to the userspace before typec_altmode_set_drvdata completes in dp_altmode_probe. This...

CVSS 5.5, AI score 6.2, EPSS 0.00225
Exploits: 0, References: 16

CVE
added 2024/05/17 12:24 p.m., 176 views

CVE-2024-35790

CVE-2024-35790 in the Linux kernel: The issue was in the DisplayPort/USB Type-C subsystem where sysfs nodes could be exposed before the driver finished setup, risking NULL pointer dereferences in hpd_show/pin_assignment_show due to dev_get_drvdata() returning NULL. The fix removes manual sysfs n...

CVSS 5.5, AI score 6.6, EPSS 0.00225
Exploits: 0, References: 8, Affected Software: 1

Vulnrichment
added 2024/05/17 12:24 p.m., 27 views

CVE-2024-35790 usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group. The DisplayPort driver's sysfs nodes may be present to the userspace before typec_altmode_set_drvdata completes in dp_altmode_probe. This...

AI score 6.8, EPSS 0.00225
Exploits: 0, References: 6

Cvelist
added 2024/05/17 12:24 p.m., 21 views

CVE-2024-35790 usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group. The DisplayPort driver's sysfs nodes may be present to the userspace before typec_altmode_set_drvdata completes in dp_altmode_probe. This...

AI score 6.4, EPSS 0.00225
Exploits: 0, References: 6

OSV
added 2024/05/17 11:8 a.m., 2 views

OESA-2024-1605 python-jinja2 security update

Jinja2 is one of the most used template engines for Python. It is inspired by Django's templating system but extends it with an expressive language that gives template authors a more powerful set of tools. On top of that it adds sandboxed execution and optional automatic escaping for applications...

CVSS 5.4, AI score 7.2, EPSS 0.00979
Exploits: 0, References: 2

Debian CVE
added 2024/05/16 3:13 p.m., 24 views

CVE-2024-35176

REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value. Those who need to parse untrusted XMLs may be impacted by this vulnerability. The REXML gem 3.2.7 or later includes the patch to fix this...

CVSS 5.3, AI score 5.8, EPSS 0.02064
Exploits: 1

CNNVD
added 2024/05/16 12:0 a.m., 3 views

Ruby security vulnerability

Ruby is a cross-platform, object-oriented, dynamically typed programming language from the individual developer, Gyohiro Matsumoto. A security vulnerability exists in Ruby REXML versions prior to 3.2.6, which stems from a denial of service vulnerability in the REXML gem when parsing attribute...

CVSS 5.3, AI score 7.2, EPSS 0.02064
Exploits: 1, References: 7

RubySec
added 2024/05/16 12:0 a.m., 33 views

REXML contains a denial of service vulnerability

Impact: The REXML gem before 3.2.6 has a DoS vulnerability when it parses an XML that has many s in an attribute value. If you need to parse untrusted XMLs, you may be impacted by this vulnerability. Patches: The REXML gem 3.2.7 or later includes the patch to fix this vulnerability. Workarounds: Don...

CVSS 5.3, AI score 6.4, EPSS 0.02064
Exploits: 1, References: 1, Affected Software: 1