CVE-2024-39553
An Exposure of Resource to Wrong Sphere vulnerability in the sampling service of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to send arbitrary data to the device, which leads msvcsd process to crash with limited availability impacting Denial of Service (DoS) a...
PT-2024-28529 · Juniper Networks · Junos Evolved
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions 21.4 through 21.4R3-S7-EVO; Juniper Networks Junos OS Evolved versions 22.2 through 22.2R3-S3-EVO; Juniper Networks Junos OS Evolved versions 22.3 through 22.3R3-S2-EVO; Juniper Networks Junos OS Evolve...
CVE-2023-52340
The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket...
Moderate: Red Hat Security Advisory: python-jinja2 security update
An update for python-jinja2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
In Emacs before 29.3 Gnus treats inline MIME contents as trusted.
Malicious code in active-record_inline_schema (RubyGems)
Malicious code in actionmailer-inline_css (RubyGems)
CVE-2024-38544
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt. In rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the resp_pkts queue and then a decision is made whether to run the completer task inline or schedule it. Finally the skb ...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ext4: block range must be validated before use in ext4_mb_clear_bb() (CVE-2022-50021). In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' (CVE-2022-50488). In the...
CVE-2024-4488
The Royal Elementor Addons and Templates for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘inlinelist’ parameter in versions up to, and including, 1.3.976 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress plugin Login/Signup Popup ( Inline Form + Woocommerce) security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin...
SUSE CVE-2020-25017
Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. Envoy's setCopy() header map API does not replace all existing occurrences of a non-inline header...
Information Disclosure
typo3/cms-core is vulnerable to Information Disclosure. The vulnerability is due to Inline JavaScript settings within the RequireJS package, which allows an attacker to retrieve additional information about the installed system and third-party extensions...
SUSE CVE-2021-47460
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format. Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 conversion from inline inode format to a normal inode...
CVE-2023-52786
In the Linux kernel, the following vulnerability has been resolved: ext4: fix racy may inline data check in dio write. syzbot reports that the following warning from ext4_iomap_begin() triggers as of the commit referenced below: `if (WARN_ON_ONCE(ext4_has_inline_data(inode))) return -ERANGE;` This occurs during a...
CVE-2024-3648
The ShareThis Share Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sharethis-inline-button' shortcode in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
SUSE CVE-2023-52786
In the Linux kernel, the following vulnerability has been resolved: ext4: fix racy may inline data check in dio write. syzbot reports that the following warning from ext4_iomap_begin() triggers as of the commit referenced below: `if (WARN_ON_ONCE(ext4_has_inline_data(inode))) return -ERANGE;` This occurs during a...
kernel: ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline
In the Linux kernel, the following vulnerability has been resolved: ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline. When converting files with inline data to extents, delayed allocations made on a file system created with both the bigalloc and inline options can result in...
CVE-2021-47460
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format. Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 conversion from inline inode format to a normal inode...