129 matches found
BELL-CVE-2025-1182
Bulletin has no description...
The vulnerability of the Linux operating system’s PCI Core component allows a hacker to trigger a service failure.
The vulnerability of the Linux operating system’s PCIe kernel component is related to the assignment of the NULL pointer in the functions brcmfpcieproviderandombytes and brcmfpciedownloadfwnvram. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2024-52344 WordPress Provide Forex Signals plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeies Pvt Ltd Provide Forex Signals provide-forex-signals allows Stored XSS.This issue affects Provide Forex Signals: from n/a through = 1.0...
WordPress plugin Provide Forex Signals 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
WordPress Provide Forex Signals plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Provide Forex Signals versions = 1.0...
WordPress Provide Forex Signals Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Software Provide Forex Signals Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52344 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 641cced34713 Credits SOPROBRO Required privilege...
The vulnerability of the `io_provide_buffers_prep()` function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of data.
The vulnerability of the ioprovidebuffersprep function in the Linux operating system arises due to an overflow in the stack buffer. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of data...
SUSE CVE-2021-47040
In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in ioprovidebuffersprep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "iouring: f...
DEBIAN-CVE-2021-47040
In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in ioprovidebuffersprep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "iouring: f...
UBUNTU-CVE-2021-47040
In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in ioprovidebuffersprep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "iouring: f...
CVE-2021-47040 io_uring: fix overflows checks in provide buffers
In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in ioprovidebuffersprep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "iouring: f...
CVE-2021-47040
In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in ioprovidebuffersprep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "iouring: f...
CVE-2023-37222
Farsight Tech Nordic AB ProVide version 14.5 - Multiple XSS vulnerabilities CWE-79 can be exploited by a user with administrator privilege...
CVE-2023-37222 Farsight Tech Nordic AB ProVide
Farsight Tech Nordic AB ProVide version 14.5 - Multiple XSS vulnerabilities CWE-79 can be exploited by a user with administrator privilege...
CVE-2023-37222 Farsight Tech Nordic AB ProVide
Farsight Tech Nordic AB ProVide version 14.5 - Multiple XSS vulnerabilities CWE-79 can be exploited by a user with administrator privilege...
CVE-2023-37222
CVE-2023-37222 affects Farsight Tech Nordic AB ProVide 14.5. The vulnerability is multiple Cross-Site Scripting (CWE-79) in the web interface that can be exploited by a user with administrator privileges, with user interaction required. CVSS details from NVD indicate a low/moderate overall impact...
Vastgota-data ProVide Cross-Site Scripting Vulnerability
Vastgota-data ProVide is a file transfer server with a graphical user interface from the Swedish company Vastgota-data. A cross-site scripting vulnerability exists in Vastgota-data ProVide now Farsight Tech Nordic AB ProVide version 14.5, which can be exploited by an attacker to inject malicious...
PT-2023-25841 · Farsight Tech Nordic Ab · Provide
Name of the Vulnerable Software and Affected Versions: Farsight Tech Nordic AB ProVide version 14.5 Description: Multiple XSS vulnerabilities can be exploited by a user with administrator privilege. Recommendations: For version 14.5, consider disabling access to administrator privileges until a...
Provide Server v.14.4 XSS - CSRF & Remote Code Execution (RCE)
Exploit Title: Provide Server v.14.4 XSS - CSRF & Remote Code Execution RCE Date: 2023-02-10 Exploit Author: Andreas Finstad Version: 14.4.1.29 Tested on: Windows Server 2022 CVE : CVE-2023-23286 POC: https://f20.be/blog/provide-server-14-4...
SUSE CVE-2021-3491
The iouring subsystem in the Linux kernel allowed the MAXRWCOUNT limit to be bypassed in the PROVIDEBUFFERS operation, which led to negative values being usedin memrw when reading /proc//mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was...