Linux Kernel Security Vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the USB Yurex driver’s detection process. During this process, the BBU members are not set to an...
Linux Kernel Security Vulnerabilities
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the asyncsetregisters function not releasing the URB and request structures when the usbsubmiturb...
PT-2024-4901 · Oracle · Oracle E-Business Suite
Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.13 Description: The issue is related to insufficient input validation in the Request Submission and Scheduling component of Oracle Concurrent Processing. This easily exploitable vulnerabili...
How to start to use device certificate check in Device Posture
The following Citrix document introduces the Device Certificate check in Device Posture, one part of SPA Service. This article is about how to submit a request to start using it. Device certificate check with Device Posture service - Preview...
Process Steps Template Designer < 1.3 - CSRF to Stored Cross-Site Scripting (XSS)
The plugin did not properly check its CSRF nonce in the FontAwesomeField.save method, which could allow attackers to make logged-in users capable of editing posts change the Step Icon of arbitrary Process Steps. Due to the lack of sanitisation of the submitted Step icon value, it could also lead ...
Cross-Site Request Forgery (CSRF)
nukeviet/nukeviet is vulnerable to cross-site request forgery (CSRF). The vulnerability exists because the application is not able to verify the authenticity of requests. An attacker is able to exploit the vulnerability and submit requests on behalf of the user to change profile details and password of...
WordPress Ultimate Product Catalogue 3.1.2 XSS / CSRF / File Upload
Exploit Title: Multiple Persistent XSS & CSRF & File Upload on Ultimate Product Catalogue 3.1.2 Google Dork: inurl:"SingleProduct" intext:"Back to catalogue" intext:"Category", inurl:"/wp-content/plugins/ultimate-product-catalogue/product-sheets/" Date: 22/04/2015 Exploit Author: Felipe Molina de...
[SECURITY] Fedora 16 Update: rt3-3.8.15-1.fc16
RT is an enterprise-grade ticketing system which enables a group of people to intelligently and efficiently manage tasks, issues, and requests submitted by a community of users...
[SECURITY] Fedora 15 Update: rt3-3.8.12-1.fc15
RT is an enterprise-grade ticketing system which enables a group of people to intelligently and efficiently manage tasks, issues, and requests submitted by a community of users...