CVE-2024-52386 WordPress Classified Listing plugin <= 3.1.16 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Classified Listing classified-listing allows PHP Local File Inclusion. This issue affects Classified Listing: from n/a through <= 3.1.16...
Microsoft Exchange Server Spoofing Vulnerability (CNVD-2024-45320)
Microsoft Exchange Server is an e-mail service program from the US company Microsoft. It provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. A spoofing vulnerability exists in Microsoft Exchange Server, which can be exploited by an attack...
CVE-2024-52381
CVE-2024-52381 affects the ZIJ KART WordPress plugin (versions
webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash
A vulnerability was found in WebKitGTK, where processing maliciously crafted web content may lead to a program crash. This issue occurs because code execution is not discarded as a consequence...
webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash
A vulnerability was found in WebKitGTK, where processing maliciously crafted web content may lead to a program crash. This issue occurs because code execution is not discarded as a consequence...
webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash
A vulnerability was found in WebKitGTK, where processing maliciously crafted web content may lead to a program crash. This issue occurs because code execution is not discarded as a consequence...
TCL Camera Security Vulnerability
TCL Camera is a camera driver application from the Chinese company TCL. A security vulnerability exists in TCL Camera, which stems from exposing a provider program that is vulnerable to a path traversal vulnerability...
Wrap Up the Year with the Biggest Scope and Rewards Yet: Join the Wordfence Bug Bounty Program End of Year Holiday Extravaganza!
The holidays are here, and so is your chance to earn big while helping secure the WordPress ecosystem! For all submissions to our Bug Bounty Program from November 12, 2024, to December 9, 2024, we’re rolling out our End of Year Holiday Extravaganza promotion to give back to our security...
kernel: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE. bpf_prog_attach uses attach_type_to_prog_type to enforce proper attach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses bpf_prog_get and relies on...
webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash
A vulnerability was found in WebKitGTK, where processing maliciously crafted web content may lead to the program crashing. Code execution is not discarded as a consequence...
webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash
A vulnerability was found in WebKitGTK, where processing maliciously crafted web content may lead to a program crash. This issue occurs because code execution is not discarded as a consequence...
Intel CIP Input Validation Error Vulnerability
Intel CIP is the Computing Improvement Program software from the US company Intel Corporation. An input validation error vulnerability exists in Intel CIP versions prior to 2.4.10852, which stems from incorrect input validation. An attacker can exploit the vulnerability to elevate privileges...
Intel CIP Security Vulnerability
Intel CIP is the Computing Improvement Program software from the US company Intel Corporation. A security vulnerability exists in Intel CIP versions prior to 2.4.10852. An attacker can exploit the vulnerability to elevate privileges...
kernel: powerpc/64s: fix program check interrupt emergency stack path
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: fix program check interrupt emergency stack path. Emergency stack path was jumping into a 3: label inside the __GEN_COMMON_BODY macro for the normal path after it had finished, rather than jumping over it. By a small...
November 12, 2024—KB5046682 (Monthly Rollup)
November 12, 2024—KB5046682 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU...
CVE-2024-8882
A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80AAHN.1C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS) conditions via a crafted URL...
PT-2024-8145 · Zyxel · Zyxel Gs1900-48
Name of the Vulnerable Software and Affected Versions: Zyxel GS1900-48 switch firmware version V2.80AAHN.1C0 and earlier. Description: A buffer overflow vulnerability in the CGI program could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service (DoS)...
Intel® CIP Software Advisory
Summary: Potential security vulnerabilities in some Intel® Computing Improvement Program software (Intel® CIP) may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2024-36276 Description: Insecure...
CVE-2024-50260 sock_map: fix a NULL pointer dereference in sock_map_link_update_prog()
In the Linux kernel, the following vulnerability has been resolved: sock_map: fix a NULL pointer dereference in sock_map_link_update_prog(). The following race condition could trigger a NULL pointer dereference: sock_map_link_detach(): sock_map_link_update_prog(): mutex_lock(&sockmap_mutex); ... sockmap_link->map = NULL;...
drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream
...