2291 matches found
Malicious code in activeadmin-searchable-select (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in react-select-custom-commit (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2940 Malicious code in react-select-custom-commit (npm)
--- -= Per source details. Do not edit below this line.=-...
SUSE CVE-2021-47576
In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Sanity check block descriptor length in respmodeselect In respmodeselect sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in respmodeselect+0xa4c/0xb40 drivers/scsi/scsidebug.c:2509...
DEBIAN-CVE-2021-47576
In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Sanity check block descriptor length in respmodeselect In respmodeselect sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in respmodeselect+0xa4c/0xb40 drivers/scsi/scsidebug.c:2509...
UBUNTU-CVE-2021-47576
In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Sanity check block descriptor length in respmodeselect In respmodeselect sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in respmodeselect+0xa4c/0xb40 drivers/scsi/scsidebug.c:2509...
CVE-2021-47576 scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()
In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Sanity check block descriptor length in respmodeselect In respmodeselect sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in respmodeselect+0xa4c/0xb40 drivers/scsi/scsidebug.c:2509...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from respmodeselect in scsi scsidebug that does not perform an integrity check on block descriptor length...
CVE-2024-24051
Improper input validation of printing files in Monoprice Select Mini V2 V37.115.32 allows attackers to instruct the device's movable parts to destinations that exceed the devices' maximum coordinates via the printing of a malicious .gcode file...
CVE-2024-24051
Improper input validation of printing files in Monoprice Select Mini V2 V37.115.32 allows attackers to instruct the device's movable parts to destinations that exceed the devices' maximum coordinates via the printing of a malicious .gcode file...
Monoprice Select Mini Security Vulnerability
Monoprice Select Mini is a 3D printer from Monoprice USA. A security vulnerability exists in Monoprice Select Mini V2 version V37.115.32, which originates from an improper input validation issue in a print file, allowing an attacker to indicate the device's moveable parts to a destination beyond...
CVE-2024-24051
CVE-2024-24051 concerns Monoprice Select Mini V2 (firmware version V37.115.32). The root cause is improper input validation of printing files (.gcode), enabling an attacker with local access and user interaction to instruct movable parts to destinations beyond the printer’s maximum coordinates. T...
CVE-2024-24051
Improper input validation of printing files in Monoprice Select Mini V2 V37.115.32 allows attackers to instruct the device's movable parts to destinations that exceed the devices' maximum coordinates via the printing of a malicious .gcode file...
CVE-2024-24051
Improper input validation of printing files in Monoprice Select Mini V2 V37.115.32 allows attackers to instruct the device's movable parts to destinations that exceed the devices' maximum coordinates via the printing of a malicious .gcode file...
CVE-2024-1873
parisneo/lollms-webui is vulnerable to path traversal and denial of service attacks due to an exposed /selectdatabase endpoint in version a9d16b0. The endpoint improperly handles file paths, allowing attackers to specify absolute paths when interacting with the DiscussionsDB instance. This flaw...
PT-2024-27150 · Oneflow · Oneflow
Name of the Vulnerable Software and Affected Versions: Oneflow version 0.9.1 Description: The issue allows attackers to cause a Denial of Service DoS via inputting a negative value into the oneflow.index select parameter. Recommendations: For Oneflow version 0.9.1, as a temporary workaround,...
CVE-2024-34551
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Select-Themes Stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through 9.6...
CVE-2024-34552
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Select-Themes Stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through 9.6...
CVE-2024-34551
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Select-Themes Stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through 9.6...
CVE-2024-34554
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Select-Themes Stockholm Core allows PHP Local File Inclusion.This issue affects Stockholm Core: from n/a through 2.4.1...