3743 matches found
PT-2024-31290 · Mozilocms · Mozilocms
Name of the Vulnerable Software and Affected Versions: moziloCMS version 3.0 Description: An arbitrary file upload issue in the /admin/index.php component allows attackers to execute arbitrary code by uploading a crafted file. Recommendations: For moziloCMS version 3.0, consider restricting acces...
PT-2024-31405 · Jinja2 +1 · Jinja2 +1
Name of the Vulnerable Software and Affected Versions: Fides versions 2.19.0 through 2.43.x Description: The Email Templating feature in Fides uses Jinja2 without proper input sanitization or rendering environment restrictions, allowing for Server-Side Template Injection that grants Remote Code...
PT-2024-30778 · Unknown · Wbw Product Table Pro
Name of the Vulnerable Software and Affected Versions: WBW Product Table PRO versions 1.9.4 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection, potentially...
CVE-2024-44941
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to cover read extent cache access with lock syzbot reports a f2fs bug as below: BUG: KASAN: slab-use-after-free in sanitycheckextentcache+0x370/0x410 fs/f2fs/extentcache.c:46 Read of size 4 at addr ffff8880739ab220 by...
CVE-2024-42277 iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en
In the Linux kernel, the following vulnerability has been resolved: iommu: sprd: Avoid NULL deref in sprdiommuhwen In sprdiommucleanup before calling function sprdiommuhwen dom-sdev is equal to NULL, which leads to null dereference. Found by Linux Verification Center linuxtesting.org with SVACE...
kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs
In the Linux kernel, the following vulnerability has been resolved: net: core: reject skbcopyexpand for fraglist GSO skbs SKBGSOFRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skbcopy or skbcopyexpand, in order to prevent a crash on a...
PT-2024-29502 · Qwik +1 · Qwik +1
Name of the Vulnerable Software and Affected Versions: Qwik versions prior to 1.6.0 @builder.io/qwik versions prior to 1.7.3 Description: A potential mutation XSS vulnerability exists in Qwik due to improper HTML escaping on server-side rendering. This occurs because Qwik converts strings accordi...
PT-2024-38181
Name of the Vulnerable Software and Affected Versions: SourceCodester School Log Management System version 1.0 Description: A critical issue has been found in the SourceCodester School Log Management System, affecting some unknown functionality of the file /admin/manage user.php. The manipulation...
kernel: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup lpfcworkerwakeup calls the lpfcworkdone routine, which takes the hbalock. Thus, lpfcworkerwakeup should not be called while holding the hbalock to avoid potential deadlo...
PT-2024-29411 · Tenda · Tenda Fh1201
Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A stack-based buffer overflow issue was found via the entrys parameter at the "ip/goform/addressNat" endpoint. Recommendations: For Tenda FH1201 version 1.2.0.14, avoid using the entrys parameter in...
PT-2024-29409 · Tenda · Tenda Fh1201
Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A stack-based buffer overflow issue was discovered via the list1 parameter at the "ip/goform/DhcpListClient" endpoint. This issue can be exploited, potentially leading to unintended consequences...
PT-2024-5476 · Totolink · Totolink A3300R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description: A critical issue was found in the UploadCustomModule function of the /cgi-bin/cstecgi.cgi file, which can be exploited remotely. The manipulation of the File argument leads to a buff...
PT-2024-37948 · Sourcecodester · Record Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Record Management System version 1.0 Description: A problematic issue has been found in the software. It affects an unknown function of the file sort.php. The manipulation of the sort argument leads to cross-site scripting. Thi...
SUSE CVE-2022-48848
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Do not unregister events twice Nicolas reported that using: trace-cmd record -e all -M 10 -p osnoise --poll Resulted in the following kernel warning: ------------ cut here ------------ WARNING: CPU: 0 PID: 1217 a...
SUSE CVE-2024-39305
Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...
PT-2024-5874 · Hashicorp +2 · Vault Enterprise +3
Name of the Vulnerable Software and Affected Versions: Vault and Vault Enterprise versions prior to 1.15.12 Vault and Vault Enterprise versions prior to 1.16.6 Vault and Vault Enterprise versions prior to 1.17.2 Description: The issue is related to the improper handling of requests originating fr...
PT-2024-7332 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.10.0 Description: The issue is related to the ext4 file system in the Linux kernel, specifically with the function ext4 ioctl getlabel in the fs/ext4/ioctl.c module. It involves improper memory access beyond t...
PT-2024-5888 · Envoy +1 · Envoy +1
Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.30.4 Envoy versions prior to 1.29.7 Envoy versions prior to 1.28.5 Envoy versions prior to 1.27.7 Description: The issue is related to a use-after-free error in the Envoy proxy server module. Exploitation of this iss...
PT-2024-28389 · Unknown · Luci-App-Sms-Tool
Name of the Vulnerable Software and Affected Versions: luci-app-sms-tool version 1.9-6 Description: A command injection issue was found in luci-app-sms-tool via the score parameter. Recommendations: For luci-app-sms-tool version 1.9-6, avoid using the score parameter until a fix is available...
PT-2024-27935
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.8 Description The Linux kernel has a vulnerability that can cause rare kernel crashes due to bad page status error messages. This issue is caused by a race condition between thread A allocating an extent buffer...