3926 matches found
CVE-2021-47565 scsi: mpt3sas: Fix kernel panic during drive powercycle test
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list it is possible that one of the drives is getting removed and its sastarget object is freed but its sdev object remains intact...
CVE-2021-47565
The CVE-2021-47565 issue is in the Linux kernel, specifically the scsi: mpt3sas path. The root cause is a race/NULL-check problem when iterating over a host (shost) sdev list: a drive may be removed and its sas_target object freed while its sdev remains, allowing code to access sas_target->sas...
Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users
A new attack campaign dubbed CLOUDREVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. "The VBScript and PowerShell scripts in the CLOUDREVERSER inherently involves command-and-control-like activities by using Google...
CVE-2024-4322 Path Traversal in parisneo/lollms-webui
A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the /listpersonalities endpoint. By manipulating the category parameter, an attacker can traverse the directory structure and list any directory on the system. This issue affects the latest version...
CVE-2024-4322 Path Traversal in parisneo/lollms-webui
A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the /listpersonalities endpoint. By manipulating the category parameter, an attacker can traverse the directory structure and list any directory on the system. This issue affects the latest version...
Update Chrome now! Google releases emergency security patch
Google has released an emergency security update for its Chrome browser. The update includes a patch released four days earlier for a vulnerability which Google say is already being exploited. The easiest way to update Chrome is to allow it to update automatically, but you can end up lagging behi...
SAMSUNG portable SSD T5 PC 安全漏洞
SAMSUNG portable SSD T5 PC is an official software for hard disks from the South Korean company Samsung SAMSUNG. A security vulnerability exists in Samsung Portable SSD. An attacker can elevate privileges through arbitrary code execution...
Integrate Google Drive < 1.3.91 - Missing Authorization
Description The Integrate Google Drive plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in versions up to, and including, 1.3.8. This makes it possible for unauthenticated attackers to perform unauthorized actions...
Fedora 40 : PyDrive2 (2023-392085b92b)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-392085b92b advisory. Automatic update for PyDrive2-1.18.0-1.fc40. Changelog Thu Dec 7 2023 Mikel Olasagasti Uranga - 1.18.0-1 - Update to 1.18.0 - Closes rhbz2253086 rhbz2253467...
Integrate Google Drive < 1.3.91 - Missing Authorization
Description The Integrate Google Drive plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several functions in versions up to, and including, 1.3.9. This makes it possible for unauthenticated attackers to perform unauthorized actions...
ROS-20240425-07
A vulnerability in the Git distributed version control system is related to the ability to create the folder "C:.git." Exploitation of the vulnerability could allow an attacker to run arbitrary commands...
WordPress Integrate Google Drive plugin <= 1.3.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Integrate Google Drive versions = 1.3.8...
WordPress Integrate Google Drive plugin <= 1.3.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Integrate Google Drive versions = 1.3.9...
WordPress Integrate Google Drive Plugin <= 1.3.8 is vulnerable to Broken Access Control
Software Integrate Google Drive Type Plugin Vulnerable versions = 1.3.8 Fixed in 1.3.91 OWASP Top 10 A4: Insecure Design Classification Broken Access Control CVE CVE-2024-32949 Patch priority Medium CVSS severity Medium 8.3 Developer Claim ownership PSID ccf771b656bb Credits Steven Julian Require...
WordPress Integrate Google Drive Plugin <= 1.3.9 is vulnerable to Broken Access Control
Software Integrate Google Drive Type Plugin Vulnerable versions = 1.3.9 Fixed in 1.3.91 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32813 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 3bec4c127fe1 Credits Steven Julian Require...
CVE-2023-36505
Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.This issue affects Ninja Forms Contact Form : from n/a through 3.6.24...
CVE-2023-36505 WordPress Ninja Forms Plugin <= 3.6.24 is vulnerable to Arbitrary File Deletion
Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.This issue affects Ninja Forms Contact Form : from n/a through 3.6.24...
CVE-2024-30878
A cross-site scripting XSS vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the uploaddrive parameter...
PT-2024-23651 · Unknown · Rageframe2
Name of the Vulnerable Software and Affected Versions: RageFrame2 version 2.6.43 Description: A cross-site scripting XSS issue allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the upload drive parameter...
Client drive not mapping after reconnection
Client drive mapped via CDM disappeared after reconnecting by session reliability...