2131 matches found
Mozilla Firefox Security Feature Issue Vulnerability
Mozilla Firefox is an open source Web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable to a security feature problem in which iframe sandboxing rules are not properly applied to XSLT style sheets and an attacker can use the vulnerability to bypass implemented security restrictio...
UVI-2021-1001883 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.15 by commit...
GSD-2021-1001883 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.15 by commit...
UVI-2021-1001844 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.76 by commit...
UVI-2021-1001802 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.214 by commit...
GSD-2021-1001802 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.214 by commit...
UVI-2021-1001789 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.253 by commit...
UVI-2021-1001780 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.288 by commit...
WordPress Inline Related Posts plugin <= 3.0.4 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting (XSS) vulnerability discovered by Martin Vierula (Trustwave) in WordPress Inline Related Posts plugin versions <= 3.0.4. Solution: Update the WordPress Inline Related Posts plugin to the latest available version (at least 3.0.5)...
Inline Related Posts < 3.0.5 - Admin+ Cross-Site Scripting
Multiple parameters are vulnerable to stored Cross-site Scripting. The vulnerabilities require admin privileges to exploit. In each case the script will execute for every user viewing a post that contains one of the inline references. PoC POST...
WordPress Inline Related Posts Plugin Cross-Site Scripting Vulnerability
WordPress is a blogging platform from the WordPress Foundation, developed in PHP. The platform supports personal blog sites on PHP and MySQL servers. WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the Inline...
The vulnerability of the ext4_write_inline_data_end function (fs/ext4/inline.c) in the Linux kernel allows an attacker to compromise the integrity, accessibility, and confidentiality of data.
The vulnerability of the ext4_write_inline_data_end function (fs/ext4/inline.c) in the Linux kernel arises from the simultaneous execution using shared resources with incorrect synchronization in the “race condition” scenario. Exploiting this vulnerability can allow an attacker to compromise the...
OESA-2021-1366 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490) A flaw was found in the KVM's AMD code for supporting SVM nested virtualizatio...
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.
...
AZL-6595 CVE-2021-40490 affecting package kernel for versions less than 5.10.78.1-1
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13...
DEBIAN-CVE-2021-40490
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13...
UBUNTU-CVE-2021-40490
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13...
GHSA-72HM-FX78-XWHC XSS vulnerability on contacts view
Impact Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button. Contact first and last name can be populat...
XSS vulnerability on contacts view
Impact Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button. Contact first and last name can be populat...
XSS vulnerability on asset view
Impact Mautic versions before 3.3.4 / 4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets. Patch...