4 matches found
CVE-2022-49875
In the Linux kernel, the following vulnerability has been resolved: bpftool: Fix NULL pointer dereference when pin PROG, MAP, LINK without FILE When using bpftool to pin PROG, MAP, LINK without FILE, segmentation fault will occur. The reson is that the lack of FILE will cause strlen to trigger NU...
CVE-2023-4458
A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...
CVE-2024-41083 netfs: Fix netfs_page_mkwrite() to check folio->mapping is valid
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix netfspagemkwrite to check folio-mapping is valid Fix netfspagemkwrite to check that folio-mapping is valid once it has taken the folio lock as filemappagemkwrite does. Without this, generic/247 occasionally oopses with...
WordPress GiveWP 2.9.7 Cross Site Scripting
Exploit Title: GiveWP 2.9.7 Reflected Cross-Site Scripting Date: 3/23/2021 Exploit Author: Austin Bentley Vendor Homepage: https://givewp.com/ Software Link: https://wordpress.org/plugins/give/ Version: 2.9.7 Tested on: Windows 7 CVE: CVE-2021-24213 Exploitation requirements: Admin must visit...