6043 matches found
DEBIAN-CVE-2024-45008
In the Linux kernel, the following vulnerability has been resolved: Input: MT - limit max slots. syzbot is reporting too large allocation at input_mt_init_slots(), for num_slots is supplied from userspace using ioctl(UI_DEV_CREATE). Since nobody knows possible max slots, this patch chose 1024...
UBUNTU-CVE-2024-45008
In the Linux kernel, the following vulnerability has been resolved: Input: MT - limit max slots. syzbot is reporting too large allocation at input_mt_init_slots(), for num_slots is supplied from userspace using ioctl(UI_DEV_CREATE). Since nobody knows possible max slots, this patch chose 1024...
kernel: mm/slub: fix to return errno if kmalloc() fails
In the Linux kernel, the following vulnerability has been resolved: mm/slub: fix to return errno if kmalloc() fails. In create_unique_id(), kmalloc(, GFP_KERNEL) can fail due to out-of-memory; if it fails, return errno correctly rather than triggering panic via BUG_ON(); kernel BUG at mm/slub.c:5893! Internal...
kernel: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE. bpf_prog_attach uses attach_type_to_prog_type to enforce proper attach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses bpf_prog_get and relies on...
WordPress plugin MultiVendorX security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
Free Hospital Management System For Small Practices 1.0 CSRF
Title: Vaidya-Mitra v 1.0 CSRF Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 125.0.1 64 bits...
AD CS Certificate Template Management
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AD CS Certificate Template Management', 'Description' = %q This module can create, read, update, and delete AD CS certificate templates from a...
GO-2024-3096 Mattermost allows remote/synthetic users to create sessions, reset passwords in github.com/mattermost/mattermost-server
Mattermost allows remote/synthetic users to create sessions, reset passwords in github.com/mattermost/mattermost-server...
PT-2024-38922 · Feehicms · Feehicms
Name of the Vulnerable Software and Affected Versions: FeehiCMS versions up to 2.1.1 Description: A critical issue has been found in FeehiCMS, affecting the createBanner function of the file /admin/index.php?r=banner%2Fbanner-create. The manipulation of the argument BannerFormimg leads to...
FeehiCMS code issue vulnerability
FeehiCMS is a content management system (CMS) based on the Yii2 framework, aiming to provide Yii2 enthusiasts with a full-featured CMS system so that developers can focus more on the development of business functions. A security vulnerability exists in FeehiCMS. The vulnerability is related to the...
FeehiCMS code issue vulnerability
FeehiCMS is a PHP-based CMS website builder by the individual developer Liufee. A code issue vulnerability exists in FeehiCMS version 2.1.1 and prior versions, which originates from an unverified file upload vulnerability in the Useravatar parameter of the /admin/index.php?r=user%2Fcreate file...
postgresql: PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks
A flaw was found in PostgreSQL. Missing authorization in the built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the...
RuoYi security vulnerability
RuoYi is a back-end management system by the individual developer of RuoYi in China. A security vulnerability exists in RuoYi v4.7.9, which is caused by a cross-site scripting (XSS) vulnerability in the sql parameter of the createTable function at /tool/gen/create...
Cross Site Scripting (XSS)
fastapi-admin is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient validation of the Product Name parameter in the Config-Create function, allowing attackers to inject and execute arbitrary web scripts or HTML...
Cross Site Scripting
fastapi-admin is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient validation and sanitization of the Product Name parameter in the Create Product function, which allows attackers to inject and execute arbitrary web scripts or HTML...
CVE-2024-43264
Insertion of Sensitive Information Into Sent Data vulnerability in mischiefmarmot Create by Mediavine mediavine-create. This issue affects Create by Mediavine: from n/a through <= 1.9.8...
CVE-2024-43264
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mediavine Create by Mediavine. This issue affects Create by Mediavine: from n/a through 1.9.8...
CVE-2024-43264
CVE-2024-43264 describes an Exposure of Sensitive Information to an Unauthorized Actor in the Mediavine Create WordPress plugin. Affected versions are Create by Mediavine up to 1.9.8 (inclusive). The connected sources confirm an unauthenticated exposure of sensitive data and identify the affected...
GHSA-22XM-W7R2-834Q FastAPI Admin cross-site scripting (XSS) vulnerability in the Create Product function
A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...
FastAPI Admin cross-site scripting (XSS) vulnerability in the Create Product function
A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...