Lucene search

3230 matches found

NVD
added 2025/02/20 3:15 p.m. · 8 views

CVE-2023-51312

PHPJabbers Restaurant Booking System v3.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in Reservations menu, Schedule section date parameter...

CVSS 5.4 · EPSS 0.00119
Exploits: 2 · References: 3
Positive Technologies
added 2025/02/20 12:0 a.m. · 3 views

PT-2025-7302 · Phpjabbers · Phpjabbers Bus Reservation System

Name of the Vulnerable Software and Affected Versions: PHPJabbers Bus Reservation System version 1.1
Description: The issue allows an attacker to execute remote code due to insufficient input validation in the Languages section Labels any parameters field in System Options, which is used to...

CVSS 8.8 · AI score 8 · EPSS 0.00147
Exploits: 2 · References: 5
Oracle linux
added 2025/02/20 12:0 a.m. · 102 views

bind security update

32:9.16.23-24.0.1.el95.3 - Fix bind: bind9: Many records in the additional section cause CPU exhaustion CVE-2024-11187...

CVSS 7.5 · AI score 7.5 · EPSS 0.03129
Exploits: 0
Cvelist
added 2025/02/20 12:0 a.m. · 9 views

CVE-2023-51312

PHPJabbers Restaurant Booking System v3.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in Reservations menu, Schedule section date parameter...

EPSS 0.00119
Exploits: 2 · References: 2
Oracle linux
added 2025/02/20 12:0 a.m. · 95 views

bind security update

32:9.11.36-16.4 - Change patches applying to use -P parameter 32:9.11.36-16.3 - Limit additional section records CPU processing CVE-2024-11187 - Correct ANY queries to not have additional data appended...

CVSS 7.5 · AI score 7.4 · EPSS 0.03129
Exploits: 0
CVE
added 2025/02/20 12:0 a.m. · 45 views

CVE-2023-51312

CVE-2023-51312 affects PHPJabbers Restaurant Booking System v3.0, with a reflected Cross-Site Scripting (XSS) flaw in the Reservations menu and the Schedule date parameter. The underlying issue is untrusted input reflected in HTML/JavaScript contexts, enabling arbitrary script execution. Public e...

CVSS 5.4 · AI score 5.3 · EPSS 0.00119
Exploits: 2 · References: 3 · Affected Software: 1
Microsoft CVE
added 2025/02/20 12:0 a.m. · 2 views

Many records in the additional section cause CPU exhaustion

...

CVSS 7.5 · AI score 7.2 · EPSS 0.03129
Exploits: 0
OSV
added 2025/02/19 9:15 p.m. · 4 views

CVE-2023-51301

A lack of rate limiting in the "Login Section, Forgot Email" feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages...

CVSS 7.5 · AI score 5.8 · EPSS 0.00233
Exploits: 2 · References: 3
RedHat Linux
added 2025/02/19 5:59 p.m. · 2 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

CVSS 7.5 · AI score 7.3 · EPSS 0.03129
Exploits: 0 · References: 5
RedHat Linux
added 2025/02/19 5:31 p.m. · 4 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

CVSS 7.5 · AI score 7.3 · EPSS 0.03129
Exploits: 0 · References: 5
RedHat Linux
added 2025/02/19 4:3 p.m. · 2 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

CVSS 7.5 · AI score 7.3 · EPSS 0.03129
Exploits: 0 · References: 5
RedHat Linux
added 2025/02/19 2:26 p.m. · 3 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

CVSS 7.5 · AI score 7.3 · EPSS 0.03129
Exploits: 0 · References: 5
CNNVD
added 2025/02/17 12:0 a.m. · 1 view

Elfutils security vulnerability

GNU elfutils is an open source toolset for working with binaries, target files and shared libraries in the ELF (Executable and Linkable Format) format. GNU elfutils suffers from a buffer overflow vulnerability that stems from improper handling of z/x parameters by the...

CVSS 7.8 · AI score 7.2 · EPSS 0.00043
Exploits: 1 · References: 8
SUSE Linux
added 2025/02/11 10:35 a.m. · 0 views

Security update for bind

This update for bind fixes the following issues: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section (bsc#1236596). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively y...

CVSS 8.7 · AI score 7.9 · EPSS 0.03129
Exploits: 0 · References: 4
AstraLinux
added 2025/02/11 7:35 a.m. · 4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: s390/entry: Mark IRQ entries to fix stack depot warnings The stack depot filters out everything outside of the top interrupt context as an uninteresting or irrelevant part of the stack traces. This helps with stack trace...

CVSS 7.1 · AI score 6.6 · EPSS 0.00014
Exploits: 0 · References: 3
AstraLinux
added 2025/02/11 7:35 a.m. · 2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: The commit 5ec8e8ea8b77 “mm/sparsemem: fix race in accessing memory_section->usage” changed pfn_section_valid to include a READ_ONCE call around “ms->usage” to address a race condition with section_deactivate. In this case, ms->usage can...

CVSS 5.5 · AI score 5.9 · EPSS 0.0001
Exploits: 0 · References: 3
AstraLinux
added 2025/02/11 7:35 a.m. · 3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed a UAF (Use-After-Free) vulnerability caused by overwriting offset fields. Binder objects are processed and copied individually into the target buffer during transactions. Any raw data between these objects is also...

CVSS 7.8 · AI score 6.5 · EPSS 0.00015
Exploits: 0 · References: 3
NVD
added 2025/02/10 4:15 p.m. · 5 views

CVE-2025-24892

OpenProject is open-source, web-based project management software. In versions prior to 15.2.1, the application fails to properly sanitize user input before displaying it in the Group Management section. Groups created with HTML script tags are not properly escaped before rendering them in a...

CVSS 5.4 · EPSS 0.01269
Exploits: 0 · References: 4
SUSE Linux
added 2025/02/07 1:0 p.m. · 3 views

Security update for bind

This update for bind fixes the following issues: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section (bsc#1236596). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively y...

CVSS 8.7 · AI score 7.8 · EPSS 0.03129
Exploits: 0 · References: 4
RedhatCVE
added 2025/02/05 9:13 a.m. · 2 views

CVE-2024-56018

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BU Web Team BU Section Editing bu-section-editing allows Reflected XSS. This issue affects BU Section Editing: from n/a through = 0.9.9...

CVSS 7.1 · AI score 7.2 · EPSS 0.00144
Exploits: 0 · References: 1