CVE-2023-28322

An information disclosure vulnerability exists in curl v8.1.0 when doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously wasused to issue a PUT request...

SUSE CVE-2023-28322

An information disclosure vulnerability exists in curl v8.1.0 when doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously wasused to issue a PUT request...

more POST-after-PUT confusion

When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the...

CVE-2023-28322

An information disclosure vulnerability exists in curl v8.1.0 when doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously wasused to issue a PUT request...

UBUNTU-CVE-2023-28322

An information disclosure vulnerability exists in curl v8.1.0 when doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously wasused to issue a PUT request...

kernel: net/mlx5: Fix possible use-after-free in async command interface

A flaw was found in the net/mlx5 subsystem of the Linux kernel where a race condition in the asynchronous command interface can lead to a use-after-free condition. The function mlx5cmdcleanupasyncctx may return before all callback handlers have completed, allowing the context to be freed while...

kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva

A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service...

kernel: scsi: target: iscsi: Fix a race condition between login_work and the login thread

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix a race condition between loginwork and the login thread In case a malicious initiator sends some random data immediately after a login PDU; the iscsitargetskdataready callback will schedule the loginwork...

CVE-2020-21643

Cross Site Scripting XSS vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop...

Cross site scripting

Cross Site Scripting XSS vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop...

HongCMS 跨站脚本漏洞

HongCMS is an open source lightweight content management system CMS. A cross-site scripting vulnerability exists in HongCMS version 3.0, which originates from running arbitrary code via the callback parameter of /ajax/myshop. An attacker can exploit this vulnerability to perform a cross-site...

PT-2023-11595 · Hongcms · Hongcms

Name of the Vulnerable Software and Affected Versions: HongCMS version 3.0 Description: The issue allows attackers to run arbitrary code via the callback parameter to the "/ajax/myshop" API endpoint. This enables attackers to execute malicious scripts, potentially leading to unauthorized access o...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1633)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Insufficiently Protected Credentials

Overview expo is an umbrella package that contains the client-side code for accessing system functionality such as contacts, camera, and location in Expo apps. Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the Expo AuthSession Redirect Proxy process...

PT-2023-22311 · Cesanta · Cesanta Mjs

Name of the Vulnerable Software and Affected Versions: Cesanta MJS version 2.20.0 Description: The issue is related to a SEGV vulnerability via mjs ffi cb free at src/mjs ffi.c, which can lead to a Denial of Service DoS. Recommendations: For Cesanta MJS version 2.20.0, consider disabling the mjs...

ERC777 Re-entrancy Risk

Lines of code Vulnerability details Impact The code does not screen out for tokens that use the erc777 standard and therefore presents a re-entrancy risk via the token's callback function Proof of Concept Tools Used Manual Recommended Mitigation Steps Add in re-entrancy lock to function --- The...

SUSE CVE-2022-48437

An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...

Cesanta MJS 安全漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS version v2.20.0, which stems from...

PT-2023-15779 · Openbsd +1 · Openbsd +2

Name of the Vulnerable Software and Affected Versions: LibreSSL versions prior to 3.6.1 OpenBSD versions prior to 7.2 errata 001 Description: An issue was discovered in the x509/x509 verify.c file. The function x509 verify ctx add chain does not store errors that occur during leaf certificate...

VulnCheck KEV: CVE-2023-1928

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfcpreloadsinglecallback function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers with subscriber-level access to...