2120 matches found
Spoofing
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when cloning inline extents and using qgroups There are a few exceptional cases where cloning an inline extent needs to copy the inline extent data into a page of the destination inode. When this happens, we e...
CVE-2021-46987
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when cloning inline extents and using qgroups There are a few exceptional cases where cloning an inline extent needs to copy the inline extent data into a page of the destination inode. When this happens, we e...
UBUNTU-CVE-2021-46987
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when cloning inline extents and using qgroups There are a few exceptional cases where cloning an inline extent needs to copy the inline extent data into a page of the destination inode. When this happens, we e...
CVE-2021-46987
CVE-2021-46987: Linux kernel/btrfs deadlock when cloning inline extents with qgroups. Root cause: while cloning, a transaction flush can occur with destination iotree range locked and delalloc flush needing the same range, potentially deadlocking. This occurs specifically when qgroups reserve met...
GHSA-97M3-52WR-XVV2 Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE
Summary A lack of sanitization/check in the font path returned by php-svg-lib, in the case of a inline CSS font defined, that will be used by Cpdf to open a font will be passed to a fileexists call, which is sufficient to trigger metadata unserializing on a PHAR file, through the phar:// URL...
Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE
Summary A lack of sanitization/check in the font path returned by php-svg-lib, in the case of a inline CSS font defined, that will be used by Cpdf to open a font will be passed to a fileexists call, which is sufficient to trigger metadata unserializing on a PHAR file, through the phar:// URL...
SMB Fetch, Windows Meterpreter Shell, Reverse TCP Inline (IPv6) (x64)
Fetch and execute an x64 payload from an SMB server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/smb/x64/meterpreterreverseipv6tcp msf payloadmeterpreterreverseipv6tcp show actions ...actions... msf...
SMB Fetch, Windows Meterpreter Shell, Bind Named Pipe Inline (x64)
Fetch and execute an x64 payload from an SMB server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/smb/x64/meterpreterbindnamedpipe msf payloadmeterpreterbindnamedpipe show actions ...actions... msf...
SMB Fetch, Windows x64 Pingback, Reverse TCP Inline
Fetch and execute an x64 payload from an SMB server. Connect back to attacker and report UUID Windows x64 Module Options msf use payload/cmd/windows/smb/x64/pingbackreversetcp msf payloadpingbackreversetcp show actions ...actions... msf payloadpingbackreversetcp set ACTION msf...
SMB Fetch, Windows Meterpreter Shell, Reverse HTTP Inline (x64)
Fetch and execute an x64 payload from an SMB server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/smb/x64/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf...
PT-2024-14223 · Allegra · Allegra
Name of the Vulnerable Software and Affected Versions: Allegra affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this issue, the existing authentication...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...