1707 matches found
WordPress 1 Click Close Store Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software: 1 Click Close Store; Type: Plugin; Vulnerable versions: <= 1.1.0; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 5d6ea0096ad8; Credits: Rafie Muhammad Patchstack...
CLSA-2023-1689258794 Fix CVE(s): CVE-2023-34241
SECURITY UPDATE: use after free - debian/patches/CVE-2023-34241.patch: call httpClose after logging. - CVE-2023-34241 Fix test/run-stp-tests.sh - debian/patches/waiting-limit.patch: limit the waiting for a server during tests...
OESA-2023-1410 cups security update
Security Fixes: OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have...
Privilege escalation with IO_RING_OP_CLOSE in the Linux Kernel
...
DEBIAN-CVE-2023-37454
An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udf_put_super and udf_close_lvid functions in fs/udf/super.c. NOTE: the suse.com reference has a different perspective about this...
CVE-2023-37454
An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udf_put_super and udf_close_lvid functions in fs/udf/super.c. NOTE: the suse.com reference has a different perspective about this...
SUSE CVE-2023-1295
A time-of-check to time-of-use issue exists in the io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 inclusive, which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in...
Undertow: Infinite loop in SslConduit during close
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates...
DEBIAN-CVE-2023-1295
A time-of-check to time-of-use issue exists in the io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 inclusive, which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in...
UBUNTU-CVE-2023-1295
A time-of-check to time-of-use issue exists in the io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 inclusive, which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in...
ALPINE-CVE-2023-34241
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data...
AZL-37074 CVE-2023-34241 affecting package cups for versions less than 2.3.3op2-7
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data...
DEBIAN-CVE-2023-3316
A NULL pointer dereference in TIFFClose is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones...
UBUNTU-CVE-2023-3316
A NULL pointer dereference in TIFFClose is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones...
CVE-2023-34795
xlsxio v0.1.2 to v0.2.34 was discovered to contain a free of uninitialized pointer in the xlsxioread_sheetlist_close function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XLSX file...
xlsxio resource management error vulnerability
xlsxio is a cross-platform C library for reading values from and writing values to .xlsx files from the individual developer Brecht Sanders. A security vulnerability exists in xlsxio versions v0.1.2 through v0.2.34, which stems from the inclusion of an uninitialized pointer in the...