CVE-2024-6138

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

CVE-2024-6138 Secure Copy Content Protection < 4.0.9 - Admin+ Stored XSS

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

WordPress plugin Secure Copy Content Protection and Content Locking security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

WordPress Secure Copy Content Protection and Content Locking Plugin < 4.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Secure Copy Content Protection and Content Locking Type Plugin Vulnerable versions 4.0.9 Fixed in 4.0.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6138 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 386e7454f8d8...

PT-2024-37413 · WordPress · Secure Copy Content Protection/Content Locking

Name of the Vulnerable Software and Affected Versions: Secure Copy Content Protection and Content Locking WordPress plugin versions prior to 4.0.9 Description: The issue allows high privilege users, such as admin, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html...

PT-2024-29217

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock vulnerability has been resolved in the Linux kernel, specifically in the net: ks8851 module. The issue occurs when SMP is enabled and spinlocks are functional, causing a...

CLSA-2024-1719933179 kernel: Fix of 20 CVEs

net: iptunnel: make sure to pull inner header in iptunnelrcv CVE-2024-26882 - net: Set true network header for ECN decapsulation CVE-2024-26882 - media: dvb-core: Fix use-after-free due to race at dvbregisterdevice CVE-2022-45884 - media: dvbdev: fix error logic at dvbregisterdevice...

CLSA-2024-1719932549 kernel: Fix of 20 CVEs

net: iptunnel: make sure to pull inner header in iptunnelrcv CVE-2024-26882 - net: Set true network header for ECN decapsulation CVE-2024-26882 - media: dvb-core: Fix use-after-free due to race at dvbregisterdevice CVE-2022-45884 - media: dvbdev: fix error logic at dvbregisterdevice...

Libvirt: improper locking in virstoragepoolobjlistsearch may lead to denial of service

...

CVE-2024-39463

In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's dfsdata fid list when a thread looks up a fid through dentry while another thread unlinks it: UAF thread: refcountt: addition on 0;...

CVE-2024-39463

In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's dfsdata fid list when a thread looks up a fid through dentry while another thread unlinks it: UAF thread: refcountt: addition on 0;...

AZL-47844 CVE-2024-39463 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's dfsdata fid list when a thread looks up a fid through dentry while another thread unlinks it: UAF thread: refcountt: addition on 0;...

CVE-2024-39463

CVE-2024-39463 is a Linux kernel vulnerability in 9p: add missing locking around taking dentry fid list. The issue is a use-after-free on a dentry’s d_fsdata fid list when one thread looks up a fid through a dentry while another thread unlinks it. The UAF can occur in functions such as p9_fid_get...

CVE-2024-39463

In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's dfsdata fid list when a thread looks up a fid through dentry while another thread unlinks it: UAF thread: refcountt: addition on 0;...

CVE-2024-39463 9p: add missing locking around taking dentry fid list

In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's dfsdata fid list when a thread looks up a fid through dentry while another thread unlinks it: UAF thread: refcountt: addition on 0;...

CVE-2024-39463 9p: add missing locking around taking dentry fid list

In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's dfsdata fid list when a thread looks up a fid through dentry while another thread unlinks it: UAF thread: refcountt: addition on 0;...

CVE-2024-39463 9p: add missing locking around taking dentry fid list

In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's dfsdata fid list when a thread looks up a fid through dentry while another thread unlinks it: UAF thread: refcountt: addition on 0;...

Malicious code in activerecord_locking-symbolic (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Widespread Use of Rafel RAT Puts 3.9 Billion Android Devices at Risk

The new Rafel RAT is an Android malware capable of stealing data, spy on you, and even lock your phone. Keep your Android updated, download apps safely, and avoid phishing attacks to stay secure...

SUSE CVE-2022-48726

In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...