4718 matches found
PT-2024-29600 · WordPress · Build App Online
Name of the Vulnerable Software and Affected Versions: Build App Online plugin for WordPress versions up to, and including, 3.0.5 Description: The issue is due to the eb user email verification key default value being empty and the missing not empty check in the eb user email verify function. Thi...
WordPress Edwiser Bridge plugin <= 3.0.5 - Authentication Bypass due to Missing Empty Value Check vulnerability
Authentication Bypass due to Missing Empty Value Check vulnerability discovered by István Márton in WordPress Plugin Edwiser Bridge versions = 3.0.5...
SUSE CVE-2024-26967
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
SUSE CVE-2024-26968
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
SUSE CVE-2024-26970
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
CVE-2024-27047
A vulnerability was found in the Linux kernel's net driver phydevice.c in the phygetinternaldelay function, where a lack of proper checks can cause a potential NULL pointer dereference to occur when the function attempts to access an empty array. The error occurs if the driver calls...
DEBIAN-CVE-2024-27047
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...
UBUNTU-CVE-2024-27047
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...
DEBIAN-CVE-2024-26967
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
CVE-2024-26969
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
DEBIAN-CVE-2024-26966
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
zstd: mysql: buffer overrun in util.c
A vulnerability was found in zstd. This flaw allows an attacker to supply an empty string as an argument to the command line tool to cause a buffer overrun...
openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries
A vulnerability was found in OpenSSL. The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries, which are unauthenticated as a consequence. Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can...
SUSE CVE-2024-3860
An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox 125...
DHCP Server 安全漏洞
Open DHCP Server is an open source software from an individual developer that provides DHCP services. A security vulnerability exists in DHCP Server ec976d2 and prior versions, which stems from the presence of a NULL pointer dereference that allows remote attackers to cause a denial of service by...
AES-SIV implementation ignores empty associated data entries (CVE-2023-2975)
Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be...
RHEL 8 / 9 : OpenShift Container Platform 4.14.4 (RHSA-2023:7473)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7473 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
CVE-2024-3860
An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox 125...
UBUNTU-CVE-2024-3860
An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox 125...
CVE-2024-3860
An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox 125...