56 matches found
CVE-2024-51789
Unrestricted Upload of File with Dangerous Type vulnerability in UjW0L Image Classify image-classify allows Upload a Web Shell to a Web Server. This issue affects Image Classify: from n/a through <= 1.0.0...
CVE-2024-51789
Unrestricted Upload of File with Dangerous Type vulnerability in UjW0L Image Classify image-classify allows Upload a Web Shell to a Web Server. This issue affects Image Classify: from n/a through <= 1.0.0...
CVE-2024-51789
CVE-2024-51789 is an Unrestricted Upload of File with Dangerous Type vulnerability in the WordPress plugin Image Classify (Image Classify: n/a through 1.0.0). The root cause is improper validation of uploaded files, enabling an attacker to upload a web shell to the web server. Public references i...
CVE-2024-51789 WordPress Image Classify plugin <= 1.0.0 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in UjW0L Image Classify allows Upload a Web Shell to a Web Server. This issue affects Image Classify: from n/a through 1.0.0...
CVE-2024-51789 WordPress Image Classify plugin <= 1.0.0 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in UjW0L Image Classify image-classify allows Upload a Web Shell to a Web Server. This issue affects Image Classify: from n/a through <= 1.0.0...
WordPress plugin Image Classify code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...
PT-2024-34915 · Unknown · Ujw0L Image Classify
Name of the Vulnerable Software and Affected Versions: UjW0L Image Classify versions 1.0.0 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited to gain unauthorized access to...
WordPress Image Classify plugin <= 1.0.0 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by stealthcopter (Patchstack Alliance) in WordPress Plugin Image Classify versions <= 1.0.0...
WordPress Image Classify Plugin <= 1.0.0 is vulnerable to Arbitrary File Upload
Software: Image Classify; Type: Plugin; Vulnerable versions: <= 1.0.0; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Arbitrary File Upload; CVE: CVE-2024-51789; Patch priority: High; CVSS severity: High (10); Developer: Claim ownership; PSID: 625646848ec4; Credits: stealthcopter; Required privilege...
kernel: slab-out-of-bounds read vulnerabilities in cbq_classify
An out-of-bounds (OOB) read problem was found in cbq_classify in net/sched/sch_cbq.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather than valid classification results...
Kernel: rsvp: out-of-bounds read in rsvp_classify()
...
AZL-31269 CVE-2023-42755 affecting package kernel for versions less than 5.15.135.1-2
A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the rsvp_classify function. This issue may allow a local user to crash the system and cause a denial of...
kernel: slab-out-of-bounds read vulnerabilities in cbq_classify
An out-of-bounds (OOB) read problem was found in cbq_classify in net/sched/sch_cbq.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather than valid classification results...
kernel: slab-out-of-bounds read vulnerabilities in cbq_classify
An out-of-bounds (OOB) read problem was found in cbq_classify in net/sched/sch_cbq.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather than valid classification results...
SUSE CVE-2023-23454
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results)...
OESA-2023-1074 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid...
OESA-2023-1072 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via...
The vulnerability of the cbq_classify() function in the network packet scheduling subsystem (net/sched/sch_cbq.c) in the Linux kernel allows an attacker to cause a service failure.
The vulnerability of the cbq_classify() function in the network packet scheduling subsystem (net/sched/sch_cbq.c) of the Linux kernel is related to an incorrect definition of the class type. Exploiting this vulnerability could allow an attacker to cause a service failure...
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
...
AZL-13049 CVE-2023-23454 affecting package hyperv-daemons for versions less than 5.15.87.1-1
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results)...