8548 matches found
UBUNTU-CVE-2023-52641
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attrallocateframe It is preferable to exit through the out: label because internal debugging functions are located there...
CVE-2023-52641
CVE-2023-52641 : Linux kernel vulnerability in the ntfs3 file system driver. A NULL pointer dereference could occur at the end of attr_allocate_frame(); a patch adds NULL pointer checks and directs exit via the out: label to avoid dereference of debugging helpers. The issue is resolved by this fi...
jinja2: HTML attribute injection when passing user input as keys to xmlattr filter
A cross-site scripting XSS flaw was found in Jinja2 due to the xmlattr filter allowing keys with spaces, contrary to XML/HTML attribute standards. If an application accepts user-input keys and renders them for other users, attackers can inject additional attributes, potentially leading to XSS. Th...
DEBIAN-CVE-2023-52631
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix an NULL dereference bug The issue here is when this is called from ntfsloadattrlist. The "size" comes from le32tocpuattr-res.datasize so it can't overflow on a 64bit systems but on 32bit systems the "+ 1023" can...
UBUNTU-CVE-2023-52631
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix an NULL dereference bug The issue here is when this is called from ntfsloadattrlist. The "size" comes from le32tocpuattr-res.datasize so it can't overflow on a 64bit systems but on 32bit systems the "+ 1023" can...
GHSA-C4GR-Q97G-PPWC In Astro-Shield, setting a correct `integrity` attribute to injected code allows to bypass the allow-lists
Impact Versions from 1.2.0 to 1.3.1 of Astro-Shield allow to bypass the allow-lists for cross-origin resources by introducing valid integrity attributes to the injected code. This implies that the injected SRI hash would be added to the generated CSP header, which would lead the browser to believ...
WordPress WP Chat App plugin <= 3.6.2 - Authenticated(Contributor+) Stored Cross-Site Scripting via Block Image Attribute vulnerability
AuthenticatedContributor+ Stored Cross-Site Scripting via Block Image Attribute vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin WP Chat App versions = 3.6.2...
PT-2024-23230 · WordPress · Essential Addons For Elementor
Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.13 Description: The issue allows authenticated attackers with author-level access and above to inject a PHP Object via deserialization of untrusted inp...
PT-2024-20660 · WordPress · Powerpack Addons For Elementor
Name of the Vulnerable Software and Affected Versions: PowerPack Addons for Elementor plugin for WordPress versions up to, and including, 2.7.17 Description: The issue is related to Stored Cross-Site Scripting via the html tag attribute of multiple widgets due to insufficient input sanitization a...
PT-2024-22866 · WordPress · Sydney Toolbox
Name of the Vulnerable Software and Affected Versions: Sydney Toolbox plugin for WordPress versions up to, and including, 1.26 Description: The issue is related to Stored Cross-Site Scripting via the id attribute of widgets due to insufficient input sanitization and output escaping on user-suppli...
jinja2: HTML attribute injection when passing user input as keys to xmlattr filter
A cross-site scripting XSS flaw was found in Jinja2 due to the xmlattr filter allowing keys with spaces, contrary to XML/HTML attribute standards. If an application accepts user-input keys and renders them for other users, attackers can inject additional attributes, potentially leading to XSS. Th...
DEBIAN-CVE-2023-45922
glxpbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling glXGetDrawableAttribute. NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server...
UBUNTU-CVE-2023-45922
DISPUTED glxpbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling glXGetDrawableAttribute. NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server...
Easy Social Feed < 6.5.6 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin PoC...
X11 Mesa 3D Graphics Library 安全漏洞
X11 Mesa 3D Graphics Library is a 3D graphics library. A security vulnerability exists in X11 Mesa 3D Graphics Library version 23.0.4, which stems from glxpbuffer.c was found to contain a segmentation conflict vulnerability in a call to glXGetDrawableAttribute...
Mozilla: Integer overflow could have led to out of bounds write
The Mozilla Foundation Security Advisory describes this flaw as: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write...
Mozilla: Integer overflow could have led to out of bounds write
The Mozilla Foundation Security Advisory describes this flaw as: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write...
Mozilla: Integer overflow could have led to out of bounds write
The Mozilla Foundation Security Advisory describes this flaw as: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write...
Mozilla: Integer overflow could have led to out of bounds write
The Mozilla Foundation Security Advisory describes this flaw as: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write...
Mozilla: Integer overflow could have led to out of bounds write
The Mozilla Foundation Security Advisory describes this flaw as: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write...