6043 matches found
CVE-2024-5601
The Create by Mediavine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Schema Meta shortcode in all versions up to, and including, 1.9.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-5601 Create by Mediavine <= 1.9.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Schema Meta Shortcode
The Create by Mediavine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Schema Meta shortcode in all versions up to, and including, 1.9.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Create by Mediavine Plugin <= 1.9.7 is vulnerable to Cross Site Scripting (XSS)
Software Create by Mediavine Type Plugin Vulnerable versions = 1.9.7 Fixed in 1.9.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5601 Patch priority Low CVSS severity Low 6.5 Developer Mediavine PSID ca91d82db3a3 Credits Krzysztof Zając Required...
CVE-2024-34988
SQL injection vulnerability in the module "Complete for Create a Quote in Frontend + Backend Pro" askforaquotemodul = 1.0.51 from Buy Addons for PrestaShop allows attackers to view sensitive information and cause other impacts via methods AskforaquotemodulcustomernewquoteModuleFrontController::ru...
CVE-2024-34988
SQL injection vulnerability in the module "Complete for Create a Quote in Frontend + Backend Pro" askforaquotemodul = 1.0.51 from Buy Addons for PrestaShop allows attackers to view sensitive information and cause other impacts via methods AskforaquotemodulcustomernewquoteModuleFrontController::ru...
PT-2024-26277 · Unknown · Create A Quote In Frontend + Backend Pro
Name of the Vulnerable Software and Affected Versions: Complete for Create a Quote in Frontend + Backend Pro module versions = 1.0.51 Description: The issue allows attackers to view sensitive information and cause other impacts. This is achieved via methods such as...
CVE-2024-34988
SQL injection vulnerability in the module "Complete for Create a Quote in Frontend + Backend Pro" askforaquotemodul = 1.0.51 from Buy Addons for PrestaShop allows attackers to view sensitive information and cause other impacts via methods AskforaquotemodulcustomernewquoteModuleFrontController::ru...
SUSE CVE-2022-48733
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free after failure to create a snapshot At ioctl.c:createsnapshot, we allocate a pending snapshot structure and then attach it to the transaction's list of pending snapshots. After that we call...
SUSE CVE-2022-48767
In the Linux kernel, the following vulnerability has been resolved: ceph: properly put cephstring reference after async create attempt The reference acquired by tryprepasynccreate is currently leaked. Ensure we put it...
SUSE CVE-2024-38564
In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on...
PT-2024-6878 · Centreon · Centreon
Name of the Vulnerable Software and Affected Versions: Centreon version 24.04.2 Description: A SQL injection vulnerability allows a remote high-privileged attacker to execute arbitrary SQL commands via create user form inputs. This issue is related to the lack of protection of the SQL query...
DEBIAN-CVE-2022-48767
In the Linux kernel, the following vulnerability has been resolved: ceph: properly put cephstring reference after async create attempt The reference acquired by tryprepasynccreate is currently leaked. Ensure we put it...
DEBIAN-CVE-2022-48733
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free after failure to create a snapshot At ioctl.c:createsnapshot, we allocate a pending snapshot structure and then attach it to the transaction's list of pending snapshots. After that we call...
UBUNTU-CVE-2022-48767
In the Linux kernel, the following vulnerability has been resolved: ceph: properly put cephstring reference after async create attempt The reference acquired by tryprepasynccreate is currently leaked. Ensure we put it...
UBUNTU-CVE-2022-48725
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix refcounting leak in siwcreateqp The atomicinc needs to be paired with an atomicdec on the error path...
CVE-2022-48767
CVE-2022-48767 affects the Linux kernel and relates to a leak of the ceph_string reference after an async create attempt. The description in the initial document states that the reference acquired by try_prep_async_create is leaked and must be put back, and connected sources (Astra Linux bulletin...
CVE-2022-48767
In the Linux kernel, the following vulnerability has been resolved: ceph: properly put cephstring reference after async create attempt The reference acquired by tryprepasynccreate is currently leaked. Ensure we put it...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which originates from a reference count leak in the RDMA/siw module siwcreateqp...
CVE-2022-48767
In the Linux kernel, the following vulnerability has been resolved: ceph: properly put cephstring reference after async create attempt The reference acquired by tryprepasynccreate is currently leaked. Ensure we put it...
DEBIAN-CVE-2021-47579
In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...