111 matches found
CVE-2024-4354 TablePress – Tables in WordPress made easy <= 2.3 - Authenticated (Author+) Server-Side Request Forgery via DNS Rebind
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3 via the getfilestoimport function. This makes it possible for authenticated attackers, with author-level access and above, to make web request...
CVE-2024-4354 TablePress – Tables in WordPress made easy <= 2.3 - Authenticated (Author+) Server-Side Request Forgery via DNS Rebind
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3 via the getfilestoimport function. This makes it possible for authenticated attackers, with author-level access and above, to make web request...
CVE-2024-4354
CVE-2024-4354 concerns the WordPress plugin TablePress (
CVE-2024-4354 TablePress – Tables in WordPress made easy <= 2.3 - Authenticated (Author+) Server-Side Request Forgery via DNS Rebind
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3 via the getfilestoimport function. This makes it possible for authenticated attackers, with author-level access and above, to make web request...
SUSE CVE-2024-35974
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...
CVE-2024-35974
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...
DEBIAN-CVE-2024-35974
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...
CVE-2024-35974
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...
UBUNTU-CVE-2024-35974
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...
CVE-2024-35974 block: fix q->blkg_list corruption during disk rebind
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...
CVE-2024-35974 block: fix q->blkg_list corruption during disk rebind
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...
CVE-2024-35974 block: fix q->blkg_list corruption during disk rebind
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...
CVE-2024-35974
CVE-2024-35974 affects the Linux kernel block subsystem. The vulnerability arises from a q->blkg_list corruption introduced when multiple gendisk instances are allocated for a single request queue during disk rebind, allowing a blkg to linger in q->blkg_list during blkcg_init_disk() and thu...
CVE-2024-35974
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...
UBUNTU-CVE-2024-26996
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix UAF ncm object at re-bind after usb ep transport error When ncm function is working and then stop usb0 interface for link down, ethstop is called. At this piont, accidentally if usb transport error should...
DNS Rebind Attack
Docker is vulnerable to DNS Rebind Attack. This vulnerability is due to the lack of proper isolation between containers and the host's DNS resolver, allowing malicious actors to exploit DNS rebinding to bypass network restrictions...
CVE-2023-28462
A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 Enterprise, 5.20.0 and newer Enterprise, and 5.2020.1 and newer Community, when Java 1.8u181 and earlier is used, allows remote attackers to load malicious code on the server once a JNDI directory scan is performed...
CVE-2023-28462
A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 Enterprise, 5.20.0 and newer Enterprise, and 5.2020.1 and newer Community, when Java 1.8u181 and earlier is used, allows remote attackers to load malicious code on the server once a JNDI directory scan is performed...
CVE-2023-28462
A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 Enterprise, 5.20.0 and newer Enterprise, and 5.2020.1 and newer Community, when Java 1.8u181 and earlier is used, allows remote attackers to load malicious code on the server once a JNDI directory scan is performed...
CVE-2023-28462
A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 Enterprise, 5.20.0 and newer Enterprise, and 5.2020.1 and newer Community, when Java 1.8u181 and earlier is used, allows remote attackers to load malicious code on the server once a JNDI directory scan is performed...