597 matches found
CVE-2024-49254
Improper Control of Generation of Code ('Code Injection') vulnerability in sunjianle ajax-extend allows Code Injection. This issue affects ajax-extend: from n/a through <= 1.0...
CVE-2024-57077
CVE-2024-57077 affects utils-extend (version 1.0.8) with a Prototype Pollution flaw in the lib.extend entry point. The vulnerability allows an attacker to inject properties into Object.prototype, which can cause a denial of service (DoS). Public details include a PoC demonstrating pollution; sour...
CVE-2024-57077
The latest version of utils-extend 1.0.8 is vulnerable to Prototype Pollution through the entry functions lib.extend. An attacker can supply a payload with Object.prototype setter to introduce or modify properties within the global prototype chain, causing denial of service (DoS) as the minimum...
CVE-2024-57077
The latest version of utils-extend 1.0.8 is vulnerable to Prototype Pollution through the entry functions lib.extend. An attacker can supply a payload with Object.prototype setter to introduce or modify properties within the global prototype chain, causing denial of service (DoS) as the minimum...
utils-extend Security Vulnerability
utils-extend is an extension by an individual developer. A security vulnerability exists in utils-extend, which stems from the lib.extend function containing a prototype pollution vulnerability...
PT-2025-5754 · Unknown · Utils-Extend
Name of the Vulnerable Software and Affected Versions: utils-extend version 1.0.8 Description: The issue allows an attacker to introduce or modify properties within the global prototype chain through the lib.extend entry function, causing a denial of service (DoS) as the minimum consequence. This i...
KB5050115: Servicing stack update for Windows Server 2012 R2: January 14, 2025
KB5050115: Servicing stack update for Windows Server 2012 R2: January 14, 2025. End of support information: Windows Server 2012 R2 reached end of support (EOS) on October 10, 2023. Extended Security Updates (ESUs) are available for purchase and will continue for three years, renewable on an annual basis...
PT-2026-2890
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The Linux kernel contains a flaw in the BPF subsystem related to handling kfunc calls on LoongArch architecture. Specifically, the issue involves improper sign extension of arguments...
DEBIAN-CVE-2024-50211
In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap to handle error. Refactor inode_bmap to handle error since udf_next_aext can return error now. On situations like ftruncate, udf_extend_file can now detect errors and bail out early without resorting to checking...
UBUNTU-CVE-2024-50211
In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap to handle error. Refactor inode_bmap to handle error since udf_next_aext can return error now. On situations like ftruncate, udf_extend_file can now detect errors and bail out early without resorting to checking...
CVE-2024-49254
Improper Control of Generation of Code ('Code Injection') vulnerability in sunjianle ajax-extend allows Code Injection. This issue affects ajax-extend: from n/a through <= 1.0...
CVE-2024-49254 WordPress ajax-extend plugin <= 1.0 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in sunjianle ajax-extend allows Code Injection. This issue affects ajax-extend: from n/a through <= 1.0...
CVE-2024-49254
CVE-2024-49254 concerns WordPress ajax-extend plugin <=1.0 with a remote code execution (RCE) vulnerability. The issue is described as improper control of code generation, enabling code injection. Affected software is the ajax-extend plugin (n/a through 1.0). The CVSS from the document set sho...
CVE-2024-49254 WordPress ajax-extend plugin <= 1.0 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in Sunjianle allows Code Injection. This issue affects ajax-extend: from n/a through 1.0...
PT-2024-33392 · Sunjianle · Ajax-Extend
Name of the Vulnerable Software and Affected Versions: Sunjianle ajax-extend versions n/a through 1.0 Description: The issue is related to improper control of code generation, allowing code injection. This vulnerability exists in Sunjianle and affects the ajax-extend component. Recommendations: F...
WordPress plugin ajax-extend Code Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code injection...
WordPress ajax-extend plugin <= 1.0 - Remote Code Execution (RCE) vulnerability
Remote Code Execution (RCE) vulnerability discovered by stealthcopter (Patchstack Alliance) in WordPress Plugin ajax-extend (versions <= 1.0)...
WordPress ajax-extend Plugin <= 1.0 is vulnerable to Remote Code Execution (RCE)
Software: ajax-extend; Type: Plugin; Vulnerable versions: <= 1.0; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Remote Code Execution (RCE); CVE: CVE-2024-49254; Patch priority: High; CVSS severity: High (10); Developer: Claim ownership; PSID: 52c87350742c; Credits: stealthcopter; Required privilege...
PT-2024-34047
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61 Description: A flaw in the Linux kernel has been fixed, related to improved error handling in the udf_extend_file function. The inode_bmap function was refactored to handle errors since udf_next_aext can...
Prototype Pollution
Overview: org.webjars.npm:pace-js is a package to automatically add a progress bar to your site. Affected versions of this package are vulnerable to Prototype Pollution via the extend function, which recursively copies key-value pairs from the source object without properly validating property names. An...