6043 matches found
TYPO3 安全漏洞
TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 version 12.4.0 and earlier, which stems from an inability to validate the mail parameter of createAction, resulting in insecure direct object...
Vulnerability of the H5D__create_chunk_file_map_hyper() function in the H5Dchunk.c file of the HDF5 library, allowing a hacker to cause a service failure
The vulnerability of the H5Dcreatechunkfilemaphyper function in the H5Dchunk.c file of the HDF5 library is related to writing beyond the memory boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...
Vulnerabilities of the functions fc_lport_ptp_setup(), fc_rport_create() in the Linux operating system, related to pointer arithmetic errors, allowing attackers to trigger service denial.
The vulnerabilities of the functions fclportptpsetup, fcrportcreate in the Linux operating system are related to pointer arithmetic errors. Exploiting these vulnerabilities can allow attackers to cause service failures...
Malicious code in create-auction-house (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c2211dcc1cfcd557e8c971ec03d126ef506517e91d0037f89be0bfb34265f0b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8864 Malicious code in create-auction-house (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c2211dcc1cfcd557e8c971ec03d126ef506517e91d0037f89be0bfb34265f0b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
drm/amdkfd: Fix memory leak in create_process failure
...
pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
...
kernel: cxl/region: Fix memregion leaks in devm_cxl_add_region()
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix memregion leaks in devmcxladdregion Move the mode verification to createregion before allocating the memregion to avoid the memregion leaks...
CVE-2024-43781
A vulnerability has been identified in SINUMERIK 828D V4 All versions V4.95 SP3, SINUMERIK 840D sl V4 All versions V4.95 SP3 in connection with using Create MyConfig CMC = V4.8 SP1 HF6, SINUMERIK ONE All versions V6.23 in connection with using Create MyConfig CMC = V6.6, SINUMERIK ONE All version...
CVE-2024-43781
A vulnerability has been identified in SINUMERIK 828D V4 All versions V4.95 SP3, SINUMERIK 840D sl V4 All versions V4.95 SP3 in connection with using Create MyConfig CMC = V4.8 SP1 HF6, SINUMERIK ONE All versions V6.23 in connection with using Create MyConfig CMC = V6.6, SINUMERIK ONE All version...
CVE-2024-43781
CVE-2024-43781 concerns SINUMERIK systems where, when Create MyConfig (CMC) is used, an Insertion of Sensitive Information into Log File vulnerability can allow a local authenticated user with low privileges to read sensitive data and bypass access restrictions. Affected products include SINUMERI...
@bitrefill/airfill-widget (>=4.2.2 <=4.8.3), @chialab/rna-cli (>=2.2.0 <=4.0.0-beta.22) +94 more potentially affected by CVE-2024-21528 via node-gettext (>=0.1.2 <=3.0.0)
node-gettext NPM version =0.1.2, =4.2.2, =2.2.0, =2.2.0, =0.9.1, =1.1.2, =4.1.0-alpha.1, =0.0.4, =5.2.0-alpha.13, =5.2.0, =1.0.6, =1.0.17, =1.0.3, =4.1.2, =2.0.0, =2.3.1 and more Source cves: CVE-2024-21528 Source advisory: OSV:GHSA-G974-HXVM-X689...
PT-2024-7879 · Siemens · Sinumerik 828D V4 +3
Name of the Vulnerable Software and Affected Versions: SINUMERIK 828D V4 versions prior to V4.95 SP3 SINUMERIK 840D sl V4 versions prior to V4.95 SP3 SINUMERIK ONE versions prior to V6.23 SINUMERIK ONE versions prior to V6.15 SP4 Description: A vulnerability has been identified that allows the...
PT-2024-28970 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to the handleCreateConferenceComplete function in ConnectionServiceWrapper.java, where a confused deputy could lead to revealing...
CVE-2024-8604 SourceCodester Online Food Ordering System Create an Account Page index.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Online Food Ordering System 2.0. This affects an unknown part of the file index.php of the component Create an Account Page. The manipulation of the argument First Name/Last Name leads to cross site scripting. It is possib...
CVE-2024-8604 SourceCodester Online Food Ordering System Create an Account Page index.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Online Food Ordering System 2.0. This affects an unknown part of the file index.php of the component Create an Account Page. The manipulation of the argument First Name/Last Name leads to cross site scripting. It is possib...
Malicious code in @sky-team/create-project-modal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c63ed97fa2890cd36683d943cad94b27fa57e5a87b9b16fa38a55970163af5a1 The OpenSSF Package Analysis project identified '@sky-team/create-project-modal' @ 99.50.55 npm as malicious. It is considered malicious because...
MAL-2024-8841 Malicious code in @sky-team/create-project-modal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c63ed97fa2890cd36683d943cad94b27fa57e5a87b9b16fa38a55970163af5a1 The OpenSSF Package Analysis project identified '@sky-team/create-project-modal' @ 99.50.55 npm as malicious. It is considered malicious because...
PT-2024-39120 · Learning Digital · Orca Hcm
Name of the Vulnerable Software and Affected Versions: Orca HCM from LEARNING DIGITAL affected versions not specified Description: The issue is related to a missing authentication vulnerability, allowing an unauthenticated remote attacker to exploit the functionality and create an account with...
CVE-2024-6010
The Cost Calculator Builder PRO plugin for WordPress is vulnerable to price manipulation in all versions up to, and including, 3.2.1. This is due to the plugin allowing the price field to be manipulated prior to processing via the 'createccorder' function, called from the Cost Calculator Builder...