PT-2024-11158 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A potential use-after-free issue has been identified in the Linux kernel, specifically in the gaudi_memset_device_memory function. The issue arises when hl_cs_allocate_job fails, causi...
EIP-721 / EIP-1155 Re-Entrancy Vulnerability
Handle: 0xsomeone. Vulnerability details. Impact: The impact of this finding is difficult to estimate as the contract system within scope is limited in how the various components are meant to be utilized. A definitive side-effect of this re-entrancy is the delayed application of the afterRedeemHook...
CVE-2020-7036
An XML External Entities (XXE) vulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Callback Assist include all 4.0.x versions before 4.7.1.1 Patch 7...
Xxe
An XML External Entities (XXE) vulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Callback Assist include all 4.0.x versions before 4.7.1.1 Patch 7...
CVE-2020-7036 XXE in Avaya Callback Assist Administration
An XML External Entities (XXE) vulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Callback Assist include all 4.0.x versions before 4.7.1.1 Patch 7...
CVE-2020-7036
The CVE-2020-7036 entry describes an XML External Entities (XXE) vulnerability in Avaya Callback Assist. An authenticated, remote attacker could gain read access to information stored on affected systems. Affected are Callback Assist 4.0.x series prior to 4.7.1.1 Patch 7. Remediation: update to 4...
Avaya Callback Assist Code Issue Vulnerability
Avaya Callback Assist is a software application from Avaya, USA. With Avaya Callback Assist, contact centers can offer callback options to callers during peak call periods when estimated wait times are highest. A code issue vulnerability exists in Callback Assist includes 4.0.x Series 4.7.1.1 prio...
SUSE: Security Advisory (SUSE-SU-2017:2344-1)
The remote host is missing an update for the...
Horde Groupware Webmail Edition 5.2.22 XSS / Remote Code Execution Exploit
Webmail Edition version 5.2.22 suffers from remote code execution and cross site scripting vulnerabilities via the HordeTextFilter library. Exploit Title: Remote code execution XSS HordeTextFilter library Webmail Edition through 5.2.22 Author: Alex Birnberg Testing and Debugging: Ventsislav...
Cross-site scripting in SocksJS-node
htmlfile in lib/transport/htmlfile.js in SockJS before 0.3.0 is vulnerable to Reflected XSS via the /htmlfile c (aka callback) parameter...
GHSA-HH8V-JMH3-9437 Cross-site scripting in SocksJS-node
htmlfile in lib/transport/htmlfile.js in SockJS before 0.3.0 is vulnerable to Reflected XSS via the /htmlfile c (aka callback) parameter...
CVE-2013-1054
The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus...
Design/Logic Flaw
The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an action to the launcher and updating it with new callbacks until the libunity-webapps rate limit was...
UBUNTU-CVE-2013-1055
The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an action to the launcher and updating it with new callbacks until the libunity-webapps rate limit was...
CVE-2013-1055
The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an action to the launcher and updating it with new callbacks until the libunity-webapps rate limit was...
CVE-2013-1054 Possible remote DOS in WebApps
The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus...
MTN Group: Cross-site Scripting (XSS) - Reflected on http://callertunez.mtn.com.gh/wap/noauth/sharedetail.ftl via `callback` parameter
The vulnerability was a reflected cross-site scripting (XSS) issue found on the website http://callertunez.mtn.com.gh/wap/noauth/sharedetail.ftl via the "callback" parameter. The vulnerability allowed the execution of arbitrary JavaScript code...
Microsoft Windows Local Privilege Escalation Vulnerability (CVE-2021-1732)
CVE-2021-1732: win32kfull xxxCreateWindowEx callback out-of-bounds. Mar 25, 2021 • iamelli0t. CVE-2021-1732 is a 0-Day vulnerability exploited by the BITTER APT organization in one operation which was disclosed in February this year [1][2][3]. This vulnerability exploits a user mode callback opportunity i...
The vulnerability in the `dns_parse_callback` function in the `network/lookup_name.c` library for the C language, used in Linux-based embedded operating systems, allows an attacker to cause a service failure.
The vulnerability of the `dns_parse_callback` function in the `network/lookup_name.c` library for the C language, used in Linux-based operating systems, relates to the lack of restrictions on the number of addresses that can be entered. Exploiting this vulnerability could allow a remote attacker to caus...