254 matches found
WordPress plugin CB security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress CB (legacy) Plugin <= 0.9.4.18 is vulnerable to Cross Site Request Forgery (CSRF)
Software CB legacy Type Plugin Vulnerable versions = 0.9.4.18 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4382 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID c0af2ef4c714 Credits Bob Matyas Required...
CB (legacy) <= 0.9.4.18 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to...
DEBIAN-CVE-2023-52701
In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb-mark syzbot found arm64 builds would crash in sockrecvmark when CONFIGHARDENEDUSERCOPY=y x86 and powerpc are not detecting the issue because they define useraccessbegin. This will be handl...
CVE-2023-52701
The CVE-2023-52701 entry concerns Linux kernel net handling: copying skb marks and skb_cb data led to a memory exposure via usercopy checks, observed as a kernel crash on arm64 when CONFIG_HARDENED_USERCOPY=y. Root cause: copying data from skb->cb[] and skb->mark can bypass size checks; pat...
CVE-2023-52701 net: use a bounce buffer for copying skb->mark
In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb-mark syzbot found arm64 builds would crash in sockrecvmark when CONFIGHARDENEDUSERCOPY=y x86 and powerpc are not detecting the issue because they define useraccessbegin. This will be handl...
The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.
The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...
The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.
The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...
The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.
The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...
The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software of Lenovo’s storage systems such as ThinkSystem, ThinkAgile, NeXtScale, as well as Lenovo CP-CB-10 laptops, allow attackers to gain unauthorized access to protected information.
The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming software of Lenovo’s storage systems such as ThinkSystem, ThinkAgile, NeXtScale, as well as Lenovo CP-CB-10 laptops, is related to the absence of authentication for critical...
PT-2024-28064
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a boundary check in the RDMA/mana ib component of the Linux kernel. Specifically, a boundary check was added inside the mana ib install cq cb function to prevent...
PT-2024-3582 · Lenovo · Thinkagile +3
Name of the Vulnerable Software and Affected Versions: Lenovo ThinkSystem, ThinkAgile, NeXtScale, and Lenovo CP-CB-10 affected versions not specified Description: The issue is related to an authentication bypass vulnerability in the System Management Module SMM/SMM2 and Fan Power Controller FPC...
CVE-2021-47081
In the Linux kernel, the following vulnerability has been resolved: habanalabs/gaudi: Fix a potential use after free in gaudimemsetdevicememory Our code analyzer reported a uaf. In gaudimemsetdevicememory, cb is get via hlcbkernelcreate with 2 refcount. If hlcsallocatejob failed, the execution ru...
UBUNTU-CVE-2021-47081
In the Linux kernel, the following vulnerability has been resolved: habanalabs/gaudi: Fix a potential use after free in gaudimemsetdevicememory Our code analyzer reported a uaf. In gaudimemsetdevicememory, cb is get via hlcbkernelcreate with 2 refcount. If hlcsallocatejob failed, the execution ru...
CVE-2021-47081 habanalabs/gaudi: Fix a potential use after free in gaudi_memset_device_memory
In the Linux kernel, the following vulnerability has been resolved: habanalabs/gaudi: Fix a potential use after free in gaudimemsetdevicememory Our code analyzer reported a uaf. In gaudimemsetdevicememory, cb is get via hlcbkernelcreate with 2 refcount. If hlcsallocatejob failed, the execution ru...
CVE-2021-47014
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix wild memory access when clearing fragments while testing re-assembly/re-fragmentation using actct, it's possible to observe a crash like the following one: KASAN: maybe wild-memory-access in range...
CVE-2021-47014 net/sched: act_ct: fix wild memory access when clearing fragments
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix wild memory access when clearing fragments while testing re-assembly/re-fragmentation using actct, it's possible to observe a crash like the following one: KASAN: maybe wild-memory-access in range...
CVE-2021-47014 net/sched: act_ct: fix wild memory access when clearing fragments
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix wild memory access when clearing fragments while testing re-assembly/re-fragmentation using actct, it's possible to observe a crash like the following one: KASAN: maybe wild-memory-access in range...
PT-2024-1741 · Tiny-Curl +2 · Tiny-Curl +2
Name of the Vulnerable Software and Affected Versions: curl versions 8.4.0 through 8.5.0 tiny-curl version 8.4.0 Description: The issue is related to an off-by-one out-of-bounds array index in the tool cb wrt component of the curl and tiny-curl utilities. This could allow a remote attacker to...
cb-radio.info.pl Cross Site Scripting vulnerability OBB-3836547
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...