Lucene search
K

6043 matches found

OSV
OSV
added 2024/06/27 8:15 a.m.5 views

CVE-2024-5601

The Create by Mediavine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Schema Meta shortcode in all versions up to, and including, 1.9.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.4CVSS6AI score0.00324EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/06/27 7:44 a.m.32 views

CVE-2024-5601 Create by Mediavine <= 1.9.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Schema Meta Shortcode

The Create by Mediavine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Schema Meta shortcode in all versions up to, and including, 1.9.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00324EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/06/27 12:0 a.m.11 views

WordPress Create by Mediavine Plugin <= 1.9.7 is vulnerable to Cross Site Scripting (XSS)

Software Create by Mediavine Type Plugin Vulnerable versions = 1.9.7 Fixed in 1.9.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5601 Patch priority Low CVSS severity Low 6.5 Developer Mediavine PSID ca91d82db3a3 Credits Krzysztof Zając Required...

6.4CVSS5.8AI score0.00324EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/06/24 11:15 p.m.30 views

CVE-2024-34988

SQL injection vulnerability in the module "Complete for Create a Quote in Frontend + Backend Pro" askforaquotemodul = 1.0.51 from Buy Addons for PrestaShop allows attackers to view sensitive information and cause other impacts via methods AskforaquotemodulcustomernewquoteModuleFrontController::ru...

9.8CVSS0.00408EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/24 12:0 a.m.19 views

CVE-2024-34988

SQL injection vulnerability in the module "Complete for Create a Quote in Frontend + Backend Pro" askforaquotemodul = 1.0.51 from Buy Addons for PrestaShop allows attackers to view sensitive information and cause other impacts via methods AskforaquotemodulcustomernewquoteModuleFrontController::ru...

0.00408EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/24 12:0 a.m.5 views

PT-2024-26277 · Unknown · Create A Quote In Frontend + Backend Pro

Name of the Vulnerable Software and Affected Versions: Complete for Create a Quote in Frontend + Backend Pro module versions = 1.0.51 Description: The issue allows attackers to view sensitive information and cause other impacts. This is achieved via methods such as...

9.8CVSS6.7AI score0.00408EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/24 12:0 a.m.18 views

CVE-2024-34988

SQL injection vulnerability in the module "Complete for Create a Quote in Frontend + Backend Pro" askforaquotemodul = 1.0.51 from Buy Addons for PrestaShop allows attackers to view sensitive information and cause other impacts via methods AskforaquotemodulcustomernewquoteModuleFrontController::ru...

7.4AI score0.00408EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/06/22 4:9 a.m.3 views

SUSE CVE-2022-48733

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free after failure to create a snapshot At ioctl.c:createsnapshot, we allocate a pending snapshot structure and then attach it to the transaction's list of pending snapshots. After that we call...

6.7CVSS6.2AI score0.0023EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2024/06/22 4:8 a.m.2 views

SUSE CVE-2022-48767

In the Linux kernel, the following vulnerability has been resolved: ceph: properly put cephstring reference after async create attempt The reference acquired by tryprepasynccreate is currently leaked. Ensure we put it...

5.5CVSS7.7AI score0.00217EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2024/06/22 3:35 a.m.1 views

SUSE CVE-2024-38564

In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on...

6CVSS6.5AI score0.00228EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2024/06/21 12:0 a.m.2 views

PT-2024-6878 · Centreon · Centreon

Name of the Vulnerable Software and Affected Versions: Centreon version 24.04.2 Description: A SQL injection vulnerability allows a remote high-privileged attacker to execute arbitrary SQL commands via create user form inputs. This issue is related to the lack of protection of the SQL query...

6.7CVSS9.1AI score0.02154EPSS
Exploits0References13
OSV
OSV
added 2024/06/20 12:15 p.m.1 views

DEBIAN-CVE-2022-48767

In the Linux kernel, the following vulnerability has been resolved: ceph: properly put cephstring reference after async create attempt The reference acquired by tryprepasynccreate is currently leaked. Ensure we put it...

5.5CVSS5.4AI score0.00217EPSS
Exploits0References1
OSV
OSV
added 2024/06/20 12:15 p.m.2 views

DEBIAN-CVE-2022-48733

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free after failure to create a snapshot At ioctl.c:createsnapshot, we allocate a pending snapshot structure and then attach it to the transaction's list of pending snapshots. After that we call...

7.8CVSS5.8AI score0.0023EPSS
Exploits0References1
OSV
OSV
added 2024/06/20 12:15 p.m.1 views

UBUNTU-CVE-2022-48767

In the Linux kernel, the following vulnerability has been resolved: ceph: properly put cephstring reference after async create attempt The reference acquired by tryprepasynccreate is currently leaked. Ensure we put it...

5.5CVSS5.7AI score0.00217EPSS
Exploits0References7
OSV
OSV
added 2024/06/20 12:15 p.m.2 views

UBUNTU-CVE-2022-48725

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix refcounting leak in siwcreateqp The atomicinc needs to be paired with an atomicdec on the error path...

5.5CVSS5.7AI score0.00225EPSS
Exploits0References6
CVE
CVE
added 2024/06/20 11:13 a.m.77 views

CVE-2022-48767

CVE-2022-48767 affects the Linux kernel and relates to a leak of the ceph_string reference after an async create attempt. The description in the initial document states that the reference acquired by try_prep_async_create is leaked and must be put back, and connected sources (Astra Linux bulletin...

5.5CVSS6.9AI score0.00217EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2024/06/20 11:13 a.m.13 views

CVE-2022-48767

In the Linux kernel, the following vulnerability has been resolved: ceph: properly put cephstring reference after async create attempt The reference acquired by tryprepasynccreate is currently leaked. Ensure we put it...

5.5CVSS5.4AI score0.00217EPSS
Exploits0
CNNVD
CNNVD
added 2024/06/20 12:0 a.m.4 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which originates from a reference count leak in the RDMA/siw module siwcreateqp...

5.5CVSS6.5AI score0.00225EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/06/20 12:0 a.m.18 views

CVE-2022-48767

In the Linux kernel, the following vulnerability has been resolved: ceph: properly put cephstring reference after async create attempt The reference acquired by tryprepasynccreate is currently leaked. Ensure we put it...

5.5CVSS6.2AI score0.00217EPSS
Exploits0References6
OSV
OSV
added 2024/06/19 3:15 p.m.3 views

DEBIAN-CVE-2021-47579

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

5.5CVSS5.4AI score0.00235EPSS
Exploits0References1
Rows per page
Query Builder