72 matches found
CVE-2024-36950 firewire: ohci: mask bus reset interrupts between ISR and bottom half
In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half. In the FireWire OHCI interrupt handler, if a bus reset interrupt has occurred, mask bus reset interrupts until bus_reset_work has serviced and cleared the...
PT-2024-15068 · WordPress · Enable Media Replace
Name of the Vulnerable Software and Affected Versions: Enable Media Replace plugin for WordPress versions up to, and including, 4.1.4. Description: The issue allows for Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping via the SHORTPIXEL_DEBUG parameter. Thi...
PT-2025-26017 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the csdlock_debug kernel-boot parameter, which is parsed by the early_param function csdlock_debug(). If se...
SUSE CVE-2018-1086
pcs before versions 0.9.164 and 0.10 is vulnerable to a debug parameter removal bypass. REST interface of the pcsd service did not properly remove the pcs debug argument from the /runpcs query, possibly disclosing sensitive information. A remote attacker with a valid token could use this flaw to...
CVE-2022-30916
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AspSetTelnetDebug parameter at /goform/aspForm...
H3C Magic R100 Buffer Error Vulnerability
H3C Magic R100 is a router from H3C. H3C Magic R100 version R100V100R005 has a buffer overflow vulnerability, which originates from a stack overflow issue in the AspSetTelnetDebug parameter in /goform/aspForm. An attacker could exploit this vulnerability to execute arbitrary code...
CVE-2022-29939
In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters debug and InsId in interface\billing\sleobprocess.php leads to multiple cross-site scripting (XSS) vulnerabilities...
LibreHealth EHR Cross-Site Scripting Vulnerability
LibreHealth EHR is a clinically-focused electronic health record (EHR) system designed to be easy to use out-of-the-box or customized for use in a variety of healthcare settings. A security vulnerability exists in LibreHealth EHR 2.0.0, which stems from a missing filter escape for the GET parameter...
kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c
A use-after-free flaw was found in the Linux kernel's ext4 file system functionality when the user mounts an ext4 partition with an additional debug parameter defining an extra inode size. If this parameter has a non-zero value, this flaw allows a local user to crash the system when...
CVE-2014-8674
Multiple Cross-Site Scripting (XSS) vulnerabilities exist in Simple Online Planning (SOPlanning) before 1.33 via the document.cookie in nbmois and mbligness and the debug GET parameter to export.php, which allows malicious users to execute arbitrary code...
SQL injection
An issue was discovered in LibreNMS 1.50.1. A SQL injection flaw was identified in the ajaxrulesuggest.php file where the term parameter is used insecurely in a database query for showing columns of a table, as demonstrated by an ajaxrulesuggest.php?debug=1&term= request...
pcs: Debug parameter removal bypass, allowing information disclosure
It was found that the REST interface of the pcsd service did not properly remove the pcs debug argument from the /runpcs query, possibly disclosing sensitive information. A remote attacker with a valid token could use this flaw to elevate their privilege...
Moderate: Red Hat Security Advisory: pcs security update
An update for pcs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
CentOS Update for pcs CESA-2018:1060 centos7
Check the version of pcs. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882895";...
CentOS 7 : pcs (CESA-2018:1060)
An update for pcs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
pcs security update
0.9.162-5.0.3.el75.1 - Unlike RHEL we DO have corosync/pacemaker for aarch64 on EL7 - replace logo pcsd/public/favicon.ico in tarball - remove Source1 HAM-logo.png 0.9.162-5.el75.1 - Fixed CVE-2018-1086 pcs: Debug parameter removal bypass, allowing information disclosure - Fixed CVE-2018-1079 pcs...