CVE-2023-52659
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type. On 64-bit platforms, the pfn_to_kaddr() macro requires that the input value is 64 bits in order to ensure that valid address bits don't get lost when shifting that input ...
UBUNTU-CVE-2023-52659
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type. On 64-bit platforms, the pfn_to_kaddr() macro requires that the input value is 64 bits in order to ensure that valid address bits don't get lost when shifting that input ...
CVE-2023-52659 x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type. On 64-bit platforms, the pfn_to_kaddr() macro requires that the input value is 64 bits in order to ensure that valid address bits don't get lost when shifting that input ...
CVE-2024-30203
A flaw was found in Emacs. When Emacs is used as an email client, inline MIME attachments are considered to be trusted by default, allowing a crafted LaTeX document to exhaust the disk space or the inodes allocated for the partition where the /tmp directory is located. This issue possibly results...
Best API Security Product: Wallarm wins 2024 Cybersecurity Excellence Award
We are thrilled to announce that Wallarm has clinched the sought-after 2024 Cybersecurity Excellence Award, under the category Best API Security Product. Our unwavering commitment to pioneering solutions that safeguard digital ecosystems, and fortify API security amidst the evolving cyber threat...
UBUNTU-CVE-2024-33918
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maxim K AJAX Login and Registration modal popup + inline form allows Stored XSS. This issue affects AJAX Login and Registration modal popup + inline form: from n/a through 2.23...
PT-2024-25551 · Unknown · Ajax Login/Registration Modal Popup + Inline Form
Name of the Vulnerable Software and Affected Versions: Maxim K AJAX Login and Registration modal popup + inline form versions n/a through 2.23 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Store...
WordPress plugin Inline Google Spreadsheet Viewer security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
Phlex vulnerable to Cross-site Scripting (XSS) via maliciously formed HTML attribute names and values
There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. The reason these issues were not detected before is that the escapes were working as designed. However, their design didn't take into account just how recklessly permissive browsers are...
kernel: ext4: kernel bug in ext4_write_inline_data_end()
A flaw was found in the openEuler kernel in Linux filesystem modules that allows an integer overflow via mounting a corrupted filesystem. This issue affects the openEuler kernel in versions from 4.19.90 through 4.19.90-2401.3 and 5.10.0-60.18.0 through 5.10.0-183.0.0...
kernel: ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline
In the Linux kernel, the following vulnerability has been resolved: ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline. When converting files with inline data to extents, delayed allocations made on a file system created with both the bigalloc and inline options can result in...
PT-2024-25017 · Phlex · Phlex
Name of the Vulnerable Software and Affected Versions: Phlex versions prior to the patched versions available on RubyGems. Description: The issue is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. This occurs because the escapes were...
WordPress Inline Google Spreadsheet Viewer Plugin <= 0.13.2 is vulnerable to Cross Site Scripting (XSS)
Software: Inline Google Spreadsheet Viewer; Type: Plugin; Vulnerable versions: <= 0.13.2; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-3674; Patch priority: Low; CVSS severity: Low (6.5); PSID: 23328dda23e9; Credits: Krzyszto...
CVE-2022-48664
A vulnerability was found in the btrfs filesystem in the Linux kernel. This issue can cause a system hang during the unmount process if the space reclaim worker is not properly stopped, possibly leading to system instability. Mitigation: Mitigation for this issue is either not available or the...
WordPress AJAX Login and Registration modal popup + inline form plugin <= 2.23 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by NGÔ THIÊN AN (Patchstack Alliance) in WordPress Plugin AJAX Login and Registration modal popup + inline form versions <= 2.23...
Debian dla-3801 : emacs - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3801 advisory. Debian LTS Advisory DLA-3801-1 ...
CVE-2022-48664 btrfs: fix hang during unmount when stopping a space reclaim worker
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix hang during unmount when stopping a space reclaim worker Often when running generic/562 from fstests we can hang during unmount, resulting in a trace like this: Sep 07 11:52:00 debian9 unknown: run fstests generic/562 ...
CVE-2024-32405
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function...