4330 matches found

CVE
added 2024/09/04 6:0 a.m. | 48 views

CVE-2024-6889

The WordPress plugin Secure Copy Content Protection and Content Locking (versions ≤ 4.1.6) is affected. A vulnerability arises from not sanitising/escaping certain settings, enabling admin-level users to perform Stored XSS even when unfiltered_html is disallowed (e.g., multisite). Affected produc...

CVSS 4.8 | AI score 4.7 | EPSS 0.00353
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2024/09/04 6:0 a.m. | 27 views

CVE-2024-6888 Secure Copy Content Protection and Content Locking < 4.1.7 - Admin+ Stored XSS

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for...

EPSS 0.00377
Exploits: 1 | References: 1
Patchstack
added 2024/09/04 12:0 a.m. | 11 views

WordPress Secure Copy Content Protection and Content Locking Plugin < 4.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Secure Copy Content Protection and Content Locking Type Plugin Vulnerable versions 4.1.7 Fixed in 4.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6888 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7d4052a739ff...

CVSS 4.8 | AI score 5.8 | EPSS 0.00377
Exploits: 1 | References: 4 | Affected Software: 1
CNNVD
added 2024/09/04 12:0 a.m. | 3 views

WordPress plugin Secure Copy Content Protection and Content Locking security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

CVSS 4.8 | AI score 5.9 | EPSS 0.00353
Exploits: 1 | References: 2
BDU FSTEC
added 2024/09/04 12:0 a.m. | 5 views

The vulnerability of the ice component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ice component in the Linux operating system’s kernel is related to the emergence of a race condition that can lead to mutual locking. In this condition, the interface leaves the LAG state and immediately re-enters the LAG state. Exploiting this vulnerability allows an...

CVSS 5.5 | AI score 5.8 | EPSS 0.00182
Exploits: 0 | References: 10 | Affected Software: 2
CNNVD
added 2024/09/04 12:0 a.m. | 5 views

WordPress plugin Secure Copy Content Protection and Content Locking security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

CVSS 4.8 | AI score 5.9 | EPSS 0.00377
Exploits: 1 | References: 2
RedHat Linux
added 2024/09/03 3:48 p.m. | 8 views

kernel: vfio/pci: Lock external INTx masking ops

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration changes via ioctl. Create wrappers that add locking for paths outside of the core interrupt code. In...

CVSS 4.4 | AI score 6.8 | EPSS 0.00194
Exploits: 0 | References: 5
Packet Storm
added 2024/09/01 12:0 a.m. | 256 views

Wordpress Secure Copy Content Protection And Content Locking Sccp_id Unauthenticated SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Secure Copy Content Protection and Content Locking sccpid Unauthenticated SQLi', 'Description' = %q Secure Copy Content Protection and...

CVSS 9.8 | AI score 7.4 | EPSS 0.78812
Exploits: 7
Tenable Nessus
added 2024/08/30 12:0 a.m. | 36 views

CBL Mariner 2.0 Security Update: kernel (CVE-2024-27014)

"The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27014 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while...

CVSS 5.5 | AI score 6.1 | EPSS 0.00175
Exploits: 0 | References: 2
Redos
added 2024/08/30 12:0 a.m. | 28 views

ROS-20240830-01

Vulnerability of the rndis_set_response function in the rndis component of the Linux kernel is related to the "BufOffset + 8" operation, which can cause an integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the drm/vrr compone...

CVSS 7.8 | AI score 6.6 | EPSS 0.00257
Exploits: 0
RedHat Linux
added 2024/08/28 12:34 p.m. | 3 views

kernel: vfio/pci: Lock external INTx masking ops

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration changes via ioctl. Create wrappers that add locking for paths outside of the core interrupt code. In...

CVSS 4.4 | AI score 6.8 | EPSS 0.00194
Exploits: 0 | References: 5
SUSE CVE
added 2024/08/28 2:25 a.m. | 4 views

SUSE CVE-2024-44935

In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock. syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock. [0] The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the...

CVSS 5.5 | AI score 6.3 | EPSS 0.00226
Exploits: 0 | References: 14
BDU FSTEC
added 2024/08/27 12:0 a.m. | 5 views

The vulnerability of the xilinx_dpdma component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the xilinx_dpdma component in the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability could allow an attacker to trigger a service failure...

CVSS 5.5 | AI score 6.7 | EPSS 0.00205
Exploits: 0 | References: 35 | Affected Software: 4
OSV
added 2024/08/26 11:15 a.m. | 1 views

DEBIAN-CVE-2024-44935

In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock. syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock. [0] The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the...

CVSS 5.5 | AI score 5.6 | EPSS 0.00226
Exploits: 0 | References: 1
UbuntuCve
added 2024/08/26 11:15 a.m. | 16 views

CVE-2024-44935

In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseport_add_sock. syzbot reported a null-ptr-deref while accessing sk2->sk_reuseport_cb in reuseport_add_sock. [0] The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the...

CVSS 5.5 | AI score 6.3 | EPSS 0.00226
Exploits: 0 | References: 25
CNNVD
added 2024/08/26 12:0 a.m. | 5 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly locking in the sanity_check_extent_cache function, leading to a memory reuse after release issue...

CVSS 7.8 | AI score 6.5 | EPSS 0.00213
Exploits: 0 | References: 6
UbuntuCve
added 2024/08/22 4:15 a.m. | 21 views

CVE-2022-48941

In the Linux kernel, the following vulnerability has been resolved: ice: fix concurrent reset and removal of VFs Commit c503e63200c6 "ice: Stop processing VF messages during teardown" introduced a driver state flag, ICE_VF_DEINIT_IN_PROGRESS, which is intended to prevent some issues with concurrently...

CVSS 4.7 | AI score 6.2 | EPSS 0.00164
Exploits: 0 | References: 6
SUSE CVE
added 2024/08/22 3:29 a.m. | 4 views

SUSE CVE-2022-48874

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix use-after-free and race in fastrpc_map_find Currently, there is a race window between the point when the mutex is unlocked in fastrpc_map_lookup and the reference count increasing fastrpc_map_get in fastrpc_map_find,...

CVSS 7.8 | AI score 7.5 | EPSS 0.0023
Exploits: 0 | References: 3
Debian CVE
added 2024/08/22 1:32 a.m. | 15 views

CVE-2022-48920

In the Linux kernel, the following vulnerability has been resolved: btrfs: get rid of warning on transaction commit when using flushoncommit When using the flushoncommit mount option, during almost every transaction commit we trigger a warning from writeback_inodes_sb_nr: $ cat fs/fs-writeback.c:...

CVSS 5.5 | AI score 6.1 | EPSS 0.00164
Exploits: 0
Redos
added 2024/08/22 12:0 a.m. | 47 views

ROS-20240822-01

The vulnerability of the hub_port_init function of the core component of the Linux operating system kernel is related to reading outside the memory boundaries. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected informatio...

CVSS 7.8 | AI score 7.2 | EPSS 0.0094
Exploits: 0