PT-2023-32349 · WordPress · The News & Blog Designer Pack

Name of the Vulnerable Software and Affected Versions: The News & Blog Designer Pack – WordPress Blog Plugin versions up to, and including, 3.4.1 Description: The issue is related to Remote Code Execution via Local File Inclusion. This is due to the bdp get more post function utilizing an unsafe...

SUSE CVE-2023-40791

extractusertosg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for trygrabpage...

DEBIAN-CVE-2023-40791

extractusertosg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for trygrabpage...

CVE-2023-40791

extractusertosg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for trygrabpage...

SUSE CVE-2023-5557

A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...

DEBIAN-CVE-2023-5557

A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...

UBUNTU-CVE-2023-5557

A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...

CVE-2023-5557 Tracker-miners: sandbox escape

A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...

CVE-2023-5557

A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...

libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modification...

libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modification...

PT-2023-7470 · Gnome +8 · Tracker-Miners +8

Name of the Vulnerable Software and Affected Versions: tracker-miners affected versions not specified Description: A flaw was found in the tracker-miners package, which is part of the GNOME operating system for Linux. The issue is related to a weakness in the sandbox mechanism that allows a...

CVE-2023-38346

An issue was discovered in Wind River VxWorks 6.9 and 7. The function tarExtract implements TAR file extraction and thereby also processes files within an archive that have relative or absolute file paths. A developer using the "tarExtract" function may expect that the function will strip leading...

CVE-2023-29245

A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...

[SECURITY] Fedora 38 Update: erofs-utils-1.6-3.fc38

EROFS stands for Enhanced Read-Only File System. It aims to be a general read-only file system solution for various use cases instead of just focusing on saving storage space without considering runtime performance. This package includes tools to create, check, and extract EROFS images...

Path Traversal

PF4J is vulnerable to Path Traversal. The vulnerability exists in the extract function in Unzip.java due to a lack of path validation which allows an attacker to obtain sensitive information and execute arbitrary code via the expandIfZip parameter...

Path Traversal

PF4J is vulnerable to Path Traversal. The vulnerability exists in the extract function in Unzip.java due to a lack of path validation which allows an attacker to obtain sensitive information and execute arbitrary code via the loadpluginPath parameter...

Path Traversal

PF4J is vulnerable to Path Traversal. The vulnerability exists in the extract function in Unzip.java due to a lack of path validation which allows an attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

pf4j vulnerable to remote code execution via expandIfZip method in the extract function

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the expandIfZip method in the extract function...

GHSA-CJ8W-V588-P8WX pf4j vulnerable to remote code execution via expandIfZip method in the extract function

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the expandIfZip method in the extract function...