WordPress Safety Exit plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Safety Exit versions = 1.7.0...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1736)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress Safety Exit Plugin <= 1.7.0 is vulnerable to Cross Site Scripting (XSS)

Software Safety Exit Type Plugin Vulnerable versions = 1.7.0 Fixed in 1.7.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35640 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f6ae4e6871a7 Credits Cronus Required privilege Administrator...

glibc: null pointer dereferences after failed netgroup cache insertion

A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit...

The vulnerability of the aiohttp HTTP client, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.

The vulnerability of the aiohttp HTTP client is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

SUSE CVE-2023-52740

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch The RFI and STF security mitigation options can flip the interruptexitnotreentrant static branch condition concurrently with the interrupt exit code...

hw: amd: Instruction raise #VC exception at exit

A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...

The vulnerabilities of the MONGO and ZigBee TLV traffic analyzer in computer networks can be exploited by attackers, causing service interruptions.

The vulnerability of the MONGO and ZigBee TLV traffic analyzer in Wireshark relates to the execution of a cycle with an unavailable exit condition. Exploiting this vulnerability allows a malicious actor to cause a service failure by sending specially crafted packets...

SUSE CVE-2021-47452

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: skip netdev events generated on netns removal syzbot reported following harmless WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nftnetdevunregisterhooks net/netfilter/nftablesapi.c:230 inline...

SUSE CVE-2021-47461

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a race between writeprotect and exitmmap A race is possible when a process exits, its VMAs are removed by exitmmap and at the same time userfaultfdwriteprotect is called. The race was detected by KASAN on a...

glibc: null pointer dereferences after failed netgroup cache insertion

A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit...

glibc: null pointer dereferences after failed netgroup cache insertion

A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit...

SUSE CVE-2021-47272

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...

hw: amd: Instruction raise #VC exception at exit

A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...

kernel: md/raid5-cache: fix a deadlock in r5l_exit_log()

A deadlock vulnerability was found in the md RAID5 cache r5l subsystem in the Linux kernel. In r5lexitlog, flushwork is called while holding reconfigmutex, which waits for disablewritebackwork to complete. However, r5cdisablewritebackasync calls waitevent which requires conf-log to be NULL, but...

DEBIAN-CVE-2021-47461

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a race between writeprotect and exitmmap A race is possible when a process exits, its VMAs are removed by exitmmap and at the same time userfaultfdwriteprotect is called. The race was detected by KASAN on a...

CVE-2021-47452

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: skip netdev events generated on netns removal syzbot reported following harmless WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nftnetdevunregisterhooks net/netfilter/nftablesapi.c:230 inline...

UBUNTU-CVE-2021-47452

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: skip netdev events generated on netns removal syzbot reported following harmless WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nftnetdevunregisterhooks net/netfilter/nftablesapi.c:230 inline...

CVE-2021-47452

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: skip netdev events generated on netns removal syzbot reported following harmless WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nftnetdevunregisterhooks net/netfilter/nftablesapi.c:230 inline...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention between writeprotect and exitmmap...