Lucene search
K

146 matches found

Positive Technologies
Positive Technologies
added 2024/07/12 12:0 a.m.5 views

PT-2024-29166 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises when replacing an old shmem folio with a new one, causing mem cgroup migrate to clear the old folio's memcg data. As a result, the old folio cannot obtain the correct...

9.8CVSS6.7AI score0.02701EPSS
Exploits3References694
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.9 views

PT-2024-30632 · WordPress · Codesigner Woocommerce Builder For Elementor

Name of the Vulnerable Software and Affected Versions: The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress versions up to, and including, 4.4.1 Description: The issue is related to PHP Object Injection via deserialization of...

9.8CVSS7.9AI score0.00675EPSS
Exploits0References6
OSV
OSV
added 2024/05/19 9:15 a.m.3 views

DEBIAN-CVE-2024-35872

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folioissecretmem currently relies on secretmem folios being LRU folios, to save some cycles. However, folios might reside in a folio batch without the LRU flag set, or...

5.5CVSS5.7AI score0.00225EPSS
Exploits0References1
OSV
OSV
added 2024/05/19 9:15 a.m.3 views

UBUNTU-CVE-2024-35872

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folioissecretmem currently relies on secretmem folios being LRU folios, to save some cycles. However, folios might reside in a folio batch without the LRU flag set, or...

5.5CVSS6.2AI score0.00225EPSS
Exploits0References20
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.3 views

kernel: kernel: Denial of Service via memory leak in LRU hash maps

A flaw was found in the Linux kernel. A local user could exploit a memory leak vulnerability in the Least Recently Used LRU and LRUPERCPU hash maps. This occurs when the kernel allocates a new element during a map update but fails to release it if the hash table bucket cannot be locked. Repeated...

5.7AI score0.00157EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.3 views

kernel: drm/ttm: fix bulk_move corruption when adding a entry

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix bulkmove corruption when adding a entry When the resource is the first in the bulkmove range, adding it again thus moving it to the tail will corrupt the list since the first pointer is not moved. This eventually lea...

5.5CVSS6.8AI score0.00134EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/03/26 12:0 a.m.15 views

PT-2024-8381 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the cachestat component in the Linux kernel, which can cause errors when racing with swapping and invalidation. There are two possible bugs: a swapin error can...

9.1CVSS6.6AI score0.01635EPSS
Exploits0References845
NVD
NVD
added 2024/02/12 8:15 a.m.26 views

CVE-2024-24797

Deserialization of Untrusted Data vulnerability in G5Theme ERE Recently Viewed – Essential Real Estate Add-On.This issue affects ERE Recently Viewed – Essential Real Estate Add-On: from n/a through 1.3...

9.8CVSS9.6AI score0.00646EPSS
Exploits0References1
OSV
OSV
added 2024/02/12 8:15 a.m.5 views

CVE-2024-24797

Deserialization of Untrusted Data vulnerability in G5Theme ERE Recently Viewed – Essential Real Estate Add-On.This issue affects ERE Recently Viewed – Essential Real Estate Add-On: from n/a through 1.3...

9.8CVSS7.3AI score0.00646EPSS
Exploits0References1
Prion
Prion
added 2024/02/12 8:15 a.m.24 views

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in G5Theme ERE Recently Viewed – Essential Real Estate Add-On.This issue affects ERE Recently Viewed – Essential Real Estate Add-On: from n/a through 1.3...

7.5CVSS7.2AI score0.00646EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/12 7:19 a.m.12 views

CVE-2024-24797 WordPress ERE Recently Viewed Plugin <= 1.3 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in G5Theme ERE Recently Viewed – Essential Real Estate Add-On.This issue affects ERE Recently Viewed – Essential Real Estate Add-On: from n/a through 1.3...

9.8CVSS6.9AI score0.00646EPSS
Exploits0References1
CVE
CVE
added 2024/02/12 7:19 a.m.67 views

CVE-2024-24797

CVE-2024-24797 affects the WordPress plugin ERE Recently Viewed – Essential Real Estate Add-On (G5Theme) with Deserialization of Untrusted Data leading to unauthenticated PHP Object Injection. Affected versions are 1.3 and earlier; patch available in version 2.0. The CVE is rated CRITICAL (CVSS 3...

9.8CVSS8.6AI score0.00646EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/02/12 7:19 a.m.36 views

CVE-2024-24797 WordPress ERE Recently Viewed Plugin <= 1.3 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in G5Theme ERE Recently Viewed – Essential Real Estate Add-On.This issue affects ERE Recently Viewed – Essential Real Estate Add-On: from n/a through 1.3...

9.8CVSS9.7AI score0.00646EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/12 12:0 a.m.4 views

WordPress Plugin ERE Recently Viewed Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...

9.8CVSS8.8AI score0.00646EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2024/02/05 12:0 a.m.15 views

ERE Recently Viewed < 2.0 - Unauthenticated PHP Object Injection

Description The plugin is vulnerable to PHP Object Injection via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker...

7.5CVSS9.8AI score0.00646EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/01/31 12:0 a.m.13 views

WordPress ERE Recently Viewed Plugin <= 1.3 is vulnerable to PHP Object Injection

Software ERE Recently Viewed Type Plugin Vulnerable versions = 1.3 Fixed in 2.0 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-24797 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 835850fa9817 Credits Yudistira Arya Required privilege...

9.8CVSS6.8AI score0.00646EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/12/19 8:15 p.m.22 views

CVE-2023-34027

Deserialization of Untrusted Data vulnerability in Rajnish Arora Recently Viewed Products.This issue affects Recently Viewed Products: from n/a through 1.0.0...

9.8CVSS0.00768EPSS
Exploits0References1
OSV
OSV
added 2023/12/19 8:15 p.m.4 views

CVE-2023-34027

Deserialization of Untrusted Data vulnerability in Rajnish Arora Recently Viewed Products.This issue affects Recently Viewed Products: from n/a through 1.0.0...

9.8CVSS7.3AI score0.00768EPSS
Exploits0References1
Prion
Prion
added 2023/12/19 8:15 p.m.20 views

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in Rajnish Arora Recently Viewed Products.This issue affects Recently Viewed Products: from n/a through 1.0.0...

7.5CVSS7.2AI score0.00768EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/19 7:44 p.m.44 views

CVE-2023-34027

CVE-2023-34027: WordPress Recently Viewed Products plugin ≤1.0.0 is reported vulnerable to unauthenticated PHP object injection (deserialization of untrusted data). Public sources in the connected documents identify the affected software and version range, with the vulnerability title/description...

9.8CVSS8.6AI score0.00768EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder