CVE-2024-43875 PCI: endpoint: Clean up error handling in vpci_scan_bus()

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Clean up error handling in vpciscanbus Smatch complains about inconsistent NULL checking in vpciscanbus: drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpciscanbus error: we previously assumed 'vpcibus' could b...

WordPress plugin WANotifier 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

XMGoat - Composed of XM Cyber terraform templates that help you learn about common Azure security issues

XM Goat is composed of XM Cyber terraform templates that help you learn about common Azure security issues. Each template is a vulnerable environment, with some significant misconfigurations. Your job is to attack and compromise the environments. Here's what to do for each environment: 1. Run...

CVE-2024-26895

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces wilcnetdevcleanup currently triggers a KASAN warning, which can be observed on interface registration error path, or simply by removing the...

CVE-2024-26895

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces wilcnetdevcleanup currently triggers a KASAN warning, which can be observed on interface registration error path, or simply by removing the...

Oracle Linux 8 : kernel (ELSA-2024-12187)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12187 advisory. - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: schhfsc: upgrade 'rt' to 'sc' when it becomes a inner curve...

WordPress Photo Gallery by 10Web plugin跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Photo Gallery by 10Web plugin is vulnerable to a cross-site scripting vulnerability that stems from...

CVE-2018-16840

A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curlclose function, the library code first frees a struct without nulling the pointer and might then subsequently...

HP VAN SDN Controller Root Command Injection Exploit

This Metasploit module exploits a hardcoded service token or default credentials in HPE VAN SDN Controller versions 2.7.18.0503 and below to execute a payload as root. A root command injection was discovered in the uninstall action's name parameter, obviating the need to use sudo for privilege...