SUSE CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

UBUNTU-CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

The vulnerability of the wp_kses_bad_protocol function in the WordPress content management system arises from insufficient input data validation. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the wpksesbadprotocol function in the WordPress content management system is related to the improper handling of a property that was named using the ampersand symbol. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its...

WordPress Input Validation Error Vulnerability (CNVD-2020-03945)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the 'wpksesbadprotocol' function in the wp-includes/kses.php file in...

PT-2019-5222 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.3.1 Description: The issue is related to the wp kses bad protocol function in WordPress, which mishandles the HTML5 colon named entity. This allows attackers to bypass input sanitization. For example, the...

Design/Logic Flaw

Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme allowing for javascript: url's to be injected into the rendered content...

CVE-2014-10065

Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme allowing for javascript: url's to be injected into the rendered content...

CVE-2014-10065

The CVE-2014-10065 entry concerns the remarkable Markdown parser. Affected: versions before 1.4.1. Root cause: input handling failed to properly restrict link protocols, permitting javascript: URLs to be injected into rendered content (XSS). Impact/notes: enables cross-site scripting via crafted ...