IBM MQ Appliance 安全漏洞

IBM MQ Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware from International Business Machines IBM. A security vulnerability exists in IBM MQ Appliance versions 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS that stems from vulnerability to denial-of-service...

The vulnerability of the Gunyah Resource Manager service on Android and Linux embedded platforms of Qualcomm devices allows a hacker to induce a service failure.

The vulnerability of the Gunyah Resource Manager service for Android and Linux embedded devices on Qualcomm systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a attacker to cause a service failure by sending specially crafted messages from the...

PT-2025-54162

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the initialization of wait queue head t. Specifically, the refscale test can occasionally cause a kernel crash due to an attempt to access an...

CVE-2023-3167

The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

CVE-2023-3167

The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

Cross site scripting

The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

CVE-2023-3167 Mail Queue <= 1.1 - Unauthenticated Stored Cross-Site Scripting via Email Subject

The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

CVE-2023-3167

CVE-2023-3167 - WordPress Mail Queue plugin : Stored XSS in the Email Subject field affecting WordPress plugins Mail Queue versions up to 1.1 due to insufficient input sanitization and output escaping. Exploitation possible by unauthenticated attackers, injecting scripts that execute when a user ...

CVE-2023-3167 Mail Queue <= 1.1 - Unauthenticated Stored Cross-Site Scripting via Email Subject

The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

CVE-2023-3122 GD Mail Queue <= 3.9.3 - Unauthenticated Stored Cross-Site Scripting via Email

The GD Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email contents in versions up to, and including, 3.9.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2023-3122

CVE-2023-3122 affects the GD Mail Queue plugin for WordPress. A stored XSS flaw arises from insufficient input sanitization and output escaping in email contents for versions up to 3.9.3, allowing unauthenticated attackers to inject scripts that execute when users load injected pages. Public disc...

PT-2023-23241 · WordPress · Gd Mail Queue

Name of the Vulnerable Software and Affected Versions: GD Mail Queue plugin for WordPress versions up to and including 3.9.3 Description: The issue arises from insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts in pages via emai...

WordPress Plugin GD Mail Queue 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Plugin Mail Queue 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists...

CVE-2023-29156

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection. An attacker can exploit this vulnerability by injecting, at the right times, spoofed Open Drone ID ODID messages which force the DroneScout ds230 Remote ID...

Reactivated gauges can’t queue up rewards

Lines of code Vulnerability details Impact Reactivated gauges can’t queue up rewards Proof of Concept Active gauges as set by authorised users get their rewards queued up in the FlywheelGaugeRewards.queueRewards function. As part of it, their associated struct QueuedRewards updates its storedCycl...

部分MediaTek芯片 缓冲区错误漏洞

MediaTek chips are various chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in some MediaTek chips, which originates in cmdq, due to a lack of boundary checking, which may result in memory corruption leading to a local denial of service. The following products are...

The vulnerability of the maloc function in the Redis database management system allows a attacker to cause a service failure.

The vulnerability of the maloc function in the Redis database management system is related to queue overflow when a distributed queue is used. This can lead to unauthorized writes outside of the bound process or errors in the process. Exploiting this vulnerability allows an attacker to cause...

Vulnerabilities fixed in IBM MQ

IBM has fixed vulnerabilities in MQ, in both the appliance and the server software. A malicious party could exploit them to cause a denial-of-service DoS, gain access gain access to sensitive data in the queue or to execute arbitrary execute arbitrary code with user privileges. IBM has released...

WordPress Mail Queue Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software Mail Queue Type Plugin Vulnerable versions = 1.1 Fixed in 1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3167 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID fb19b2f489d6 Credits Alex Thomas Required privilege...