60 matches found
PT-2024-38867 · WordPress · Permalink Manager Lite
Name of the Vulnerable Software and Affected Versions: Permalink Manager Lite plugin for WordPress versions up to, and including, 2.4.4 Description: The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the debug data,...
WordPress plugin Permalink Manager Lite Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security vulnerability...
PT-2024-12269 · Unknown · Power Management Firmware
Name of the Vulnerable Software and Affected Versions: Power Management Firmware affected versions not specified Description: The generation of weak and predictable Initialization Vector (IV) in Power Management Firmware may allow an attacker with privileges to reuse IV values to reverse-engineer...
SUSE CVE-2023-52752
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ses. This fixes the following GPF wh...
DEBIAN-CVE-2023-52752
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ses. This fixes the following GPF wh...
AZL-42208 CVE-2023-52752 affecting package kernel for versions less than 5.15.167.1-2
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ses. This fixes the following GPF wh...
UBUNTU-CVE-2023-52752
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ses. This fixes the following GPF wh...
PT-2024-3235 · Cyberpower · Cyberpower Powerpanel
Name of the Vulnerable Software and Affected Versions: CyberPower PowerPanel affected versions not specified Description: The issue is related to hard-coded credentials for the test server found in the production code, which could allow an attacker to gain access to the testing or production...
Number Withdrawn
libdwarf is a library and command line tool for reading and writing the DWARF2 standardized debug data format. This CVE number has been withdrawn...
libdwarf Resource Management Error Vulnerability
libdwarf is a library and command line tool for reading and writing DWARF2 standardized debug data format. A resource management error vulnerability exists in libdwarf that stems from the presence of a double release vulnerability...
CVE-2023-1623
The Custom Post Type UI WordPress plugin before 1.13.5 does not properly check for CSRF when sending the debug information to a user supplied email, which could allow attackers to make a logged in admin send such information to an arbitrary email address via a CSRF attack...
PT-2022-3829 · Intel · Intel Optane Ssd +1
Name of the Vulnerable Software and Affected Versions: Intel(R) SSD DC versions affected versions not specified Intel(R) Optane(TM) SSD versions affected versions not specified Intel(R) Optane(TM) SSD DC versions affected versions not specified Description: The issue is related to the exposure of sensitive...
CVE-2022-0770
The Translate WordPress with GTranslate WordPress plugin before 2.9.9 does not have a CSRF check in some files, and writes debug data such as the user's cookies to a publicly accessible file if a specific parameter is used when requesting them. Combining those two issues, an attacker could gain access t...
CVE-2022-0770
The Translate WordPress with GTranslate plugin for WordPress is affected by a CSRF vulnerability in versions before 2.9.9, due to missing CSRF checks in certain files. This flaw can cause the plugin to write debug data such as a user’s cookies to publicly accessible files when a specific paramete...
libdwarf Security Vulnerability
libdwarf is a library and command line tool for reading and writing the DWARF2 standardized debug data format. A security vulnerability exists in libdwarf. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor's announcement...
DEBIAN-CVE-2018-7568
The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm...
ALPINE-CVE-2018-7568
The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm...
Fedora 24 : libmtp (2017-d26266eb32)
libmtp 1.1.13 ============= Christophe Vu-Brugier 1 : - added GoPro HERO5 Black Emeric Grange 2 : - added GoPro HERO5 Session - rename F5321 into XPeria X Compact Gaute Hope 2 : - add GoPro Hero+ - add mtp-detect for GoPro Hero+ Jerry Zhang 1 : - Update Google device strings, add PTP+ADB id Marcu...
Byzanz GIF Encoding Denial of Service Vulnerability
Byzanz is a program to record animated GIFs. The GIF encoding in Byzanz fails to properly handle Byzanz debug data logging, allowing remote attackers to conduct denial-of-service attacks or execute arbitrary code...
TP1/Message Control Denial of Service (DoS) Vulnerability
Overview: The port used by TP1/Message Control's mapping service has a vulnerability where the port is forced to keep collecting debug information when it receives a maliciously-crafted message, which in turn causes the depletion of the disk resource and leads to a denial of service (DoS) condition...