CVE-2024-6889
The WordPress plugin Secure Copy Content Protection and Content Locking (versions ≤ 4.1.6) is affected. A vulnerability arises from not sanitising/escaping certain settings, enabling admin-level users to perform Stored XSS even when unfiltered_html is disallowed (e.g., multisite). Affected produc...
CVE-2024-6888 Secure Copy Content Protection and Content Locking < 4.1.7 - Admin+ Stored XSS
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for...
WordPress Secure Copy Content Protection and Content Locking Plugin < 4.1.7 is vulnerable to Cross Site Scripting (XSS)
Software: Secure Copy Content Protection and Content Locking. Type: Plugin. Vulnerable versions: 4.1.7. Fixed in: 4.1.7. OWASP Top 10: A7: Cross-Site Scripting (XSS). Classification: Cross Site Scripting (XSS). CVE: CVE-2024-6888. Patch priority: Low. CVSS severity: Low (5.9). PSID: 7d4052a739ff...
WordPress plugin Secure Copy Content Protection and Content Locking security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...
The vulnerability of the ice component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the ice component in the Linux operating system’s kernel is related to the emergence of a race condition that can lead to mutual locking. In this condition, the interface leaves the LAG state and immediately re-enters the LAG state. Exploiting this vulnerability allows an...
kernel: vfio/pci: Lock external INTx masking ops
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration changes via ioctl. Create wrappers that add locking for paths outside of the core interrupt code. In...
Wordpress Secure Copy Content Protection And Content Locking Sccp_id Unauthenticated SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Secure Copy Content Protection and Content Locking sccpid Unauthenticated SQLi', 'Description' = %q Secure Copy Content Protection and...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-27014)
"The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27014 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while...
ROS-20240830-01
Vulnerability of the rndis_set_response function in the rndis component of the Linux kernel is related to the "BufOffset + 8" operation, which can cause an integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the drm/vrr compone...
SUSE CVE-2024-44935
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock(). syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock(). [0] The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the...
The vulnerability of the xilinx_dpdma component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the xilinx_dpdma component in the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability could allow an attacker to trigger a service failure...
DEBIAN-CVE-2024-44935
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock(). syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock(). [0] The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the...
CVE-2024-44935
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock(). syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock(). [0] The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly locking in the sanity_check_extent_cache function, leading to a use-after-free issue...
CVE-2022-48941
In the Linux kernel, the following vulnerability has been resolved: ice: fix concurrent reset and removal of VFs. Commit c503e63200c6 ("ice: Stop processing VF messages during teardown") introduced a driver state flag, ICE_VF_DEINIT_IN_PROGRESS, which is intended to prevent some issues with concurrently...
SUSE CVE-2022-48874
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix use-after-free and race in fastrpc_map_find. Currently, there is a race window between the point when the mutex is unlocked in fastrpc_map_lookup and the reference count increasing (fastrpc_map_get) in fastrpc_map_find,...
CVE-2022-48920
In the Linux kernel, the following vulnerability has been resolved: btrfs: get rid of warning on transaction commit when using flushoncommit. When using the flushoncommit mount option, during almost every transaction commit we trigger a warning from __writeback_inodes_sb_nr(): $ cat fs/fs-writeback.c:...
ROS-20240822-01
The vulnerability of the hub_port_init function of the core component of the Linux operating system kernel is related to reading outside the memory boundaries. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected informatio...