CVE-2023-52828

In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpfthrow kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For one...

Emlog Pro 代码问题漏洞

Emlog is a PHP and MySQL based CMS website builder for emlog individual developers. A code issue vulnerability exists in Emlog Pro version 2.3.4, which stems from an unknown function in the file admin/setting.php that causes unrestricted uploads...

SchoolWebTech Code Issues Vulnerabilities

SchoolWebTech is a campus website application. A code issue vulnerability exists in SchoolWebTech version 1.0, which stems from an incorrect manipulation of the parameter image that can lead to unrestricted uploads...

PHOENIX CONTACT CHARX SEC-3000 代码问题漏洞

PHOENIX CONTACT CHARX SEC is a series of AC charge controllers from PHOENIX CONTACT, Germany. A code issue vulnerability exists in PHOENIX CONTACT CHARX SEC-3000 version 1.5.1 and earlier, which originates from a local, low-privilege attacker who can use an untrusted search path to gain root...

Online Computer and Laptop Store 代码问题漏洞

Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero Personal Developer. A code issue vulnerability exists in Online Computer and Laptop Store version 1.0, which stems from the file /classes/SystemSettings.php?f=updatesettings causing unrestricted uploads...

SolarWinds Access Rights Manager 代码问题漏洞

SolarWinds Access Rights Manager is a lightweight review management system from SolarWinds, Inc. A code issue vulnerability exists in versions of SolarWinds Access Rights Manager prior to 2023.2.4, which stems from susceptibility to remote code execution vulnerabilities...

PT-2024-13351 · Vtiger · Vtiger Crm

Name of the Vulnerable Software and Affected Versions: Vtiger CRM version 7.5.0 Description: The issue allows a remote authenticated attacker to run arbitrary PHP code because an unprotected endpoint allows them to write this code to the config.inc.php file, which is executed on every page load...

Pisay Online E-Learning System 代码问题漏洞

Sourcecodester Pisay Online E-Learning System is an online e-learning system based on PHP and MySQL. A code issue vulnerability exists in Pisay Online E-Learning System version 1.0, which stems from the parameter file in the file /lesson/controller.php that can lead to unrestricted uploads...

IBM i 和 IBM Rational Development Studio 代码问题漏洞

IBM i and IBM Rational Development Studio are both products of International Business Machines IBM Corporation.IBM i is an operating system that runs in IBM Power Systems and IBM PureSystems.IBM Rational Development Studio is IBM i is an operating system that runs on IBM Power Systems and IBM...

GHSA-3WHQ-64Q2-QFJ6 vyper performs double eval of raw_args in create_from_blueprint

Summary Using the createfromblueprint builtin can result in a double eval vulnerability when rawargs=True and the args argument has side-effects. A contract search was performed and no vulnerable contracts were found in production. In particular, the rawargs variant of createfromblueprint was not...

WordPress plugin Unlimited Elements For Elementor 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

CVE-2024-3857

The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...

CVE-2024-30219

Active debug code vulnerability exists in PLANEX COMMUNICATIONS wireless LAN routers. If a logged-in user who knows how to use the debug function accesses the device's management page, an unintended operation may be performed. Note that MZK-MF300N is no longer supported, therefore the update for...

Adobe Animate 代码问题漏洞

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate has a code issue vulnerability that stems from the application being susceptible to NULL pointer dereferencing, which can be exploited by an attacker to cause a system crash, resulting in a...

Byzro Networks Smart S80 代码问题漏洞

Byzro Networks Smart S80 is an Internet behavior management product from Byzro Networks. A code issue vulnerability exists in Byzro Smart S80 Management Platform 20240317 and prior versions, which stems from an unknown function in /useratte/userattestation.php that causes unrestricted uploads via...

Ping Identity PingFederate 代码问题漏洞

Ping Identity PingFederate is a flagship software-based federation server in the United States. It is used for identity management. Ping Identity PingFederate has a code issue vulnerability that stems from the presence of a Server Request Forgery SSRF vulnerability...

WordPress Plugin Product Designer 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

CVE-2024-29741

In pblS2mpuResume of s2mpu.c, there is a possible mitigation bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-29748

there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...

WordPress Plugin Shortcode Addons 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...