CVE-2024-45017 net/mlx5: Fix IPsec RoCE MPV trace call

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix IPsec RoCE MPV trace call Prevent the call trace below from happening, by not allowing IPsec creation over a slave, if master device doesn't support IPsec. WARNING: CPU: 44 PID: 16136 at kernel/locking/rwsem.c:240...

NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt

...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a page table locking issue in the mm/hugetlb component. No details of the vulnerability are provided at this...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a stateful locking issue in the net/mlx5e component. No details of the vulnerability are provided at this ti...

SUSE CVE-2024-44950

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix invalid FIFO access with special register set When enabling access to the special register set, Receiver time-out and RHR interrupts can happen. In this case, the IRQ handler will try to read from the FIFO...

CVE-2024-44951

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix TX fifo corruption Sometimes, when a packet is received on channel A at almost the same time as a packet is about to be transmitted on channel B, we observe with a logic analyzer that the received packet on...

CVE-2024-44952

CVE-2024-44952 is associated with Siemens SCALANCE and RUGGEDCOM devices (OT environment). The issue is described as an improper locking that could lead to a deadlock in driver core during device detachment/attribute handling. The cited advisory fixes the problem by using synchronize_rcu() to pre...

CVE-2024-44951 serial: sc16is7xx: fix TX fifo corruption

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix TX fifo corruption Sometimes, when a packet is received on channel A at almost the same time as a packet is about to be transmitted on channel B, we observe with a logic analyzer that the received packet on...

CVE-2024-44951

Idea: CVE-2024-44951 affects the Linux kernel’s serial driver for sc16is7xx (TX/RX channel handling).What’s affected: The regression caused by commit 4409df5866b7 that changed EFR locking to operate per channel introduced TX buffer data corruption where data from channel A could be written into c...

CVE-2024-44951 serial: sc16is7xx: fix TX fifo corruption

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix TX fifo corruption Sometimes, when a packet is received on channel A at almost the same time as a packet is about to be transmitted on channel B, we observe with a logic analyzer that the received packet on...

CVE-2024-44951

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix TX fifo corruption Sometimes, when a packet is received on channel A at almost the same time as a packet is about to be transmitted on channel B, we observe with a logic analyzer that the received packet on...

WordPress Secure Copy Content Protection and Content Locking plugin < 4.1.7 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by [email protected] in WordPress Plugin Secure Copy Content Protection and Content Locking versions 4.1.7...

CVE-2024-6889

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

CVE-2024-6888

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

CVE-2024-6888

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

CVE-2024-6889

The WordPress plugin Secure Copy Content Protection and Content Locking (versions ≤ 4.1.6) is affected. A vulnerability arises from not sanitising/escaping certain settings, enabling admin-level users to perform Stored XSS even when unfiltered_html is disallowed (e.g., multisite). Affected produc...

CVE-2024-6888 Secure Copy Content Protection and Content Locking < 4.1.7 - Admin+ Stored XSS

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

WordPress Secure Copy Content Protection and Content Locking Plugin < 4.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Secure Copy Content Protection and Content Locking Type Plugin Vulnerable versions 4.1.7 Fixed in 4.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6888 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7d4052a739ff...

WordPress plugin Secure Copy Content Protection and Content Locking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

WordPress plugin Secure Copy Content Protection and Content Locking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...