199 matches found
CVE-2022-49538 ALSA: jack: Access input_dev under mutex
In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access inputdev under mutex It is possible when using ASoC that inputdev is unregistered while calling sndjackreport, which causes NULL pointer dereference. In order to prevent this serialize access to inputdev using...
CVE-2022-49538
CVE-2022-49538 affects the Linux kernel’s ALSA jack path in ASoC. The issue arises when input_dev is unregistered while snd_jack_report is called, potentially causing a NULL pointer dereference. The documented fix is to serialize access to input_dev using a mutex. The connected sources confirm th...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not accessing inputdev under a mutex lock during a call to sndjackreport, which could result in a null point...
CVE-2024-49610
Unrestricted Upload of File with Dangerous Type vulnerability in photokiteditor photokit photokit allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through = 1.0...
CISA: Jack Rabbit II Update and Impacts
System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...
CISA: Jack Rabbit III Initiatives
System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...
The vulnerabilities of AsoC components in the Linux operating system’s kernel allow attackers to trigger service failures.
The vulnerability of the AsoC components in the Linux operating system’s kernel is related to improper input validation in the sofsdwRtsdcajackexit function. Exploiting this vulnerability can allow an attacker to cause a service failure...
Botan 安全漏洞
Botan is a C++ cryptographic library by the individual developer Jack Lloyd. A security vulnerability exists in versions of Botan prior to 3.6.0, which stems from a compiler-caused secret dependency operation when compiling with some versions of GCC. An addition operation could be skipped if the...
CVE-2024-49610
Unrestricted Upload of File with Dangerous Type vulnerability in photokiteditor photokit photokit allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through = 1.0...
CVE-2024-49610 WordPress photokit plugin <= 1.0 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in photokiteditor photokit photokit allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through = 1.0...
CVE-2024-49610 WordPress photokit plugin <= 1.0 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Jack Zhu allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through 1.0...
WordPress Ultimate Member plugin <= 2.8.6 - Cross-Site Request Forgery to Membership Status Change vulnerability
Cross-Site Request Forgery to Membership Status Change vulnerability discovered by Jack Taylor in WordPress Plugin Ultimate Member versions = 2.8.6...
WordPress Reviews Feed plugin <= 1.1.2 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by Sajjad Ahmad jacksparrow in WordPress Plugin Reviews Feed versions = 1.1.2...
WordPress Custom Field Suite plugin <= 2.6.7 - Authenticated Stored Cross-Site Scripting vulnerability
Authenticated Stored Cross-Site Scripting vulnerability discovered by Jack Taylor in WordPress Plugin Custom Field Suite versions = 2.6.7...
WordPress Download Manager plugin <= 3.2.92 - Authenticated Stored Cross-Site Scripting vulnerability
Authenticated Stored Cross-Site Scripting vulnerability discovered by Jack Taylor in WordPress Plugin Download Manager versions = 3.2.92...
WordPress Custom Field Suite plugin <= 2.6.7 - Authenticated Stored Cross-Site Scripting vulnerability
Authenticated Stored Cross-Site Scripting vulnerability discovered by Jack Taylor in WordPress Plugin Custom Field Suite versions = 2.6.7...
SUSE CVE-2023-52697
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdwrtsdcajackcommon: ctx-headsetcodecdev = NULL sofsdwrtsdcajackexit are used by different codecs, and some of them use the same dai name. For example, rt712 and rt713 both use "rt712-sdca-aif1" and...
SUSE CVE-2024-26722
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645jackdetectwork There is a path in rt5645jackdetectwork, where rt5645-jdmutex is left locked forever. That may lead to deadlock when rt5645jackdetectwork is called for the second time. Found by...
CVE-2024-26722
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645jackdetectwork There is a path in rt5645jackdetectwork, where rt5645-jdmutex is left locked forever. That may lead to deadlock when rt5645jackdetectwork is called for the second time. Found by...
DEBIAN-CVE-2024-26722
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645jackdetectwork There is a path in rt5645jackdetectwork, where rt5645-jdmutex is left locked forever. That may lead to deadlock when rt5645jackdetectwork is called for the second time. Found by...