Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the inclusion of a kernel information leak in the rawrecvmsg function, where the j1939sendone function creat...

July 23, 2024—KB5040525 (OS Build 19045.4717) Preview

July 23, 2024—KB5040525 OS Build 19045.4717 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...

SUSE CVE-2022-48857

In the Linux kernel, the following vulnerability has been resolved: NFC: port100: fix use-after-free in port100sendcomplete Syzbot reported UAF in port100sendcomplete. The root case is in missing usbkillurb calls on error handling path of -probe function. port100sendcomplete accesses devm allocat...

kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg

A vulnerability was found in the Linux kernel's HNS3 network driver related to a use-after-free condition in the hclgevfsendmbxmsg function. The issue occurs when the hns3remove function uninstalls a client instance before uninstalling the acceleration engine device, leading to access of freed...

DEBIAN-CVE-2024-40919

In the Linux kernel, the following vulnerability has been resolved: bnxten: Adjust logging of firmware messages in case of released token in hwrmsend In case of token is released due to token-state == BNXTHWRMDEFERRED, released token set to NULL is used in log messages. This issue is expected to ...

WordPress Send Users Email plugin <= 1.5.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Joshua Chan in WordPress Plugin Send Users Email versions = 1.5.1...

WordPress Send Users Email Plugin <= 1.5.1 is vulnerable to Sensitive Data Exposure

Software Send Users Email Type Plugin Vulnerable versions = 1.5.1 Fixed in 1.5.2 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2024-38760 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 13aaf3930e9f Credits Joshua...

Kelixun Communication Command and Dispatch Management Platform Security Vulnerability

Kelixun Communication Command and Dispatch Management Platform Kelixun is a communication command and dispatch management platform from Kelixun, China. A security vulnerability exists in Kelixun Communication Command and Dispatch Management Platform version 7.6.6.439 and prior versions, which...

PT-2024-28344 · Unknown · Fujian Kelixun

Name of the Vulnerable Software and Affected Versions: Fujian Kelixun versions prior to 7.6.6.4391 Description: The issue is related to SQL Injection in the "send event.php" file. This allows for potential exploitation. Recommendations: For versions prior to 7.6.6.4391, update to a version that...

CVE-2024-38272

There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows. Normally in Quick Share Windows app we can't send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode. We...

Malicious code in @ks-radar/radar-send-web-log-collect (npm)

--- -= Per source details. Do not edit below this line.=-...

SUSE CVE-2022-48729

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix panic with larger ipoib sendqueuesize When the ipoib sendqueuesize is increased from the default the following panic happens: RIP: 0010:hfi1ipoibdraintxring+0x45/0xf0 hfi1 Code: 31 e4 eb 0f 8b 85 c8 02 00 00 41 83 c4...

DEBIAN-CVE-2022-48729

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix panic with larger ipoib sendqueuesize When the ipoib sendqueuesize is increased from the default the following panic happens: RIP: 0010:hfi1ipoibdraintxring+0x45/0xf0 hfi1 Code: 31 e4 eb 0f 8b 85 c8 02 00 00 41 83 c4...

CVE-2022-48729

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix panic with larger ipoib sendqueuesize When the ipoib sendqueuesize is increased from the default the following panic happens: RIP: 0010:hfi1ipoibdraintxring+0x45/0xf0 hfi1 Code: 31 e4 eb 0f 8b 85 c8 02 00 00 41 83 c4...

CVE-2022-48729 IB/hfi1: Fix panic with larger ipoib send_queue_size

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix panic with larger ipoib sendqueuesize When the ipoib sendqueuesize is increased from the default the following panic happens: RIP: 0010:hfi1ipoibdraintxring+0x45/0xf0 hfi1 Code: 31 e4 eb 0f 8b 85 c8 02 00 00 41 83 c4...

CVE-2022-48729

CVE-2022-48729 (Linux kernel) concerns an issue in IB/hfi1 where increasing ipoib send_queue_size could trigger a kernel panic. The root cause, as described in the supplied docs, is a miscalculation: a shift was treated as a function of the ring size instead of the item size, leading to a panic i...

WordPress plugin Cost Calculator Builder PRO security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-5494 · Admidio · Admidio

Name of the Vulnerable Software and Affected Versions: Admidio versions prior to 4.3.9 Description: The issue is related to an SQL Injection in the /adm program/modules/ecards/ecard send.php source file of the Admidio Application. This SQL Injection results in a compromise of the application's...

Rockwell Automation FactoryTalk View SE 安全漏洞

Rockwell Automation FactoryTalk View SE is an industrial automation system view interface from Rockwell Automation. An authentication error vulnerability exists in Rockwell Automation FactoryTalk View SE, which can be exploited by an attacker to send packets to a customer's server from a remote...

Rockwell Automation FactoryTalk View SE 安全漏洞

Rockwell Automation FactoryTalk View SE is an industrial automation system view interface from Rockwell Automation. An authentication error vulnerability exists in Rockwell Automation FactoryTalk View SE, which can be exploited by an attacker to send packets to a customer's server from a remote...