7471 matches found
UBUNTU-CVE-2023-39017
DISPUTED quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple parties because it is not...
Discourse 安全漏洞
Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. A security vulnerability exists in Discourse that originates from a malicious user being able to prevent a delayed queue from proceeding quickly on sites hosted in the same...
PT-2023-26739 · Unknown · Quartz-Jobs
Name of the Vulnerable Software and Affected Versions: quartz-jobs versions 2.3.2 and below Description: The issue is related to a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited via passing an unchecked argument to...
PT-2023-26478 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches Description: A malicious user can prevent the defer queue from proceeding promptly on sites hosted in the same multisite...
Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service (CVE-2021-1523)
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in...
PT-2025-40716
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s wifi subsystem, specifically within the rtw88 driver. The issue involves a potential crash and memory leak during driver unloading. This occurs becaus...
IBM MQ Appliance 安全漏洞
IBM MQ Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware from International Business Machines IBM. A security vulnerability exists in IBM MQ Appliance versions 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS that stems from vulnerability to denial-of-service...
The vulnerability of the Gunyah Resource Manager service on Android and Linux embedded platforms of Qualcomm devices allows a hacker to induce a service failure.
The vulnerability of the Gunyah Resource Manager service for Android and Linux embedded devices on Qualcomm systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a attacker to cause a service failure by sending specially crafted messages from the...
PT-2025-54162
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the initialization of wait queue head t. Specifically, the refscale test can occasionally cause a kernel crash due to an attempt to access an...
CVE-2023-3167
The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...
CVE-2023-3167
The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...
Cross site scripting
The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...
CVE-2023-3167 Mail Queue <= 1.1 - Unauthenticated Stored Cross-Site Scripting via Email Subject
The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...
CVE-2023-3167 Mail Queue <= 1.1 - Unauthenticated Stored Cross-Site Scripting via Email Subject
The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...
CVE-2023-3167
CVE-2023-3167 - WordPress Mail Queue plugin : Stored XSS in the Email Subject field affecting WordPress plugins Mail Queue versions up to 1.1 due to insufficient input sanitization and output escaping. Exploitation possible by unauthenticated attackers, injecting scripts that execute when a user ...
CVE-2023-3122 GD Mail Queue <= 3.9.3 - Unauthenticated Stored Cross-Site Scripting via Email
The GD Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email contents in versions up to, and including, 3.9.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...
CVE-2023-3122
CVE-2023-3122 affects the GD Mail Queue plugin for WordPress. A stored XSS flaw arises from insufficient input sanitization and output escaping in email contents for versions up to 3.9.3, allowing unauthenticated attackers to inject scripts that execute when users load injected pages. Public disc...
PT-2023-23241 · WordPress · Gd Mail Queue
Name of the Vulnerable Software and Affected Versions: GD Mail Queue plugin for WordPress versions up to and including 3.9.3 Description: The issue arises from insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts in pages via emai...
WordPress Plugin GD Mail Queue 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Plugin Mail Queue 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists...