CVE-2024-22667

Vim before 9.0.2142 has a stack-based buffer overflow because didsetlangmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions...

PHPJ Callback Widget 1.0 Cross Site Scripting

Title: PHPJ-Callback-Widget-1.0-XSS-Stored-admin-Hijacking Author: nu11secur1ty Date: 01/26/2024 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/callback-widget/ Reference: https://portswigger.net/web-security/cross-site-scripting Description: The Callback Requests functi...

kernel: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb

In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9khifusbrxcb Syzbot reported use-after-free Read in ath9khifusbrxcb 0. The problem was in incorrect htchandle-drvpriv initialization. Probable call trace which can trigger use-after-free:...

VulnCheck KEV: CVE-2022-1020

The Product Table for WooCommerce wooproducttable WordPress plugin before 3.1.2 does not have authorisation and CSRF checks in the wptadminupdatenoticeoption AJAX action available to both unauthenticated and authenticated users, as well as does not validate the callback parameter,...

WordPress plugin ColorMag theme security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

PT-2024-15743 · WordPress · Colormag

Name of the Vulnerable Software and Affected Versions: ColorMag theme for WordPress versions up to, and including, 3.1.2 Description: The ColorMag theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the plugin action callback function. This makes it...

CVE-2023-6066 WP Custom Widget Area <= 1.2.5 - Subscriber+ Menus Creation/Deletion/Update

The WP Custom Widget area WordPress plugin through 1.2.5 does not properly apply capability and nonce checks on any of its AJAX action callback functions, which could allow attackers with subscriber+ privilege to create, delete or modify menus on the site...

CVE-2024-0217 Packagekitd: use-after-free in idle function callback

A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any...

CVE-2023-33110

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption...

Race condition

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a session index variable in the PCM host voice-audio driver that is initialized before the PCM is turned on, accessed during an event callback from the...

The vulnerability of the callback component of the OpenCATS workforce management system allows attackers to perform cross-site scripting attacks.

The vulnerability of the callback component of the OpenCATS workforce management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

CLSA-2023-1702573269 Fix CVE(s): CVE-2022-48560

SECURITY UPDATE: Posible crash in heapq with custom comparison operators - debian/patches/CVE-2022-48560.patch: Disallow releasing heap items during a comparison callback - CVE-2022-48560...

Exploit for OS Command Injection in Cisco Ios_Xe

CVE-2023-20273 CVE-2023-20273 Exploit PoC Usage usage:...

Multiple re-entrancy issues allowing stealing of funds and bypassing protocol mint limits

Lines of code Vulnerability details Impact Multiple re-entrancy issues exist in the codebase, that break core functionality and allow stealing of user funds. In AuctionDemo.sol contract re-entrancy in cancelBid and cancelAllBids allows stealing of user funds. There are multiple attack surfaces,...

The protocol is susceptible to reentrancy attacks.

Lines of code Vulnerability details Reentrancy is a well know bug in smart contract and the protocol is not handling it, The safeMint function in ERC721 make a callback to the receiver checking if they can hold a nft, this can be used to a receiver to take control of the execution of the call. in...

Memory corruption

In callbackthreadevent of comandroidbluetoothbtserviceAdapterService.cpp, there is a possible memory corruption due to a use after free. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a code execution vulnerability that is caused by the use of callbackthreadevent after release in the comAndroidbluetoothbtserviceAdapterService.cpp script. An attacker can exploit this...

PT-2023-7533 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the December 2023 security update Description: The issue is related to a use after free vulnerability in the callback thread event function of com android bluetooth btservice AdapterService.cpp. This could lead to...

FBI Alert: Silent Ransom Group Utilizes Callback Phishing for Network Hacks

By Deeba Ahmed The culprit behind these callback phishing attacks, known as Silent Ransom Group SRG, is also identified as Luna Moth. This is a post from HackRead.com Read the original post: FBI Alert: Silent Ransom Group Utilizes Callback Phishing for Network Hacks...