CVE-2024-27408

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell register is toggled...

CVE-2024-27408 dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell register is toggled...

CVE-2024-3580

The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-3580

Popup4Phone WordPress plugin versions

CVE-2024-3580 Popup4Phone <= 1.3.2 - Editor+ Stored XSS

The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-3644

The Newsletter Popup WordPress plugin through 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-3634 month name translation benaceur < 2.3.8 - Admin+ Stored XSS

The month name translation benaceur WordPress plugin before 2.3.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

Missing authentication for local web interface in Arc before v1.6.0

Summary When configuring Arc e.g. during the first setup, a local web interface is provided to ease the configuration process. Such web interface lacks authentication and may thus be abused by a local attacker or malware running on the machine itself. Impact A malicious local user or process,...

CVE-2023-5971

The Save as PDF Plugin by Pdfcrowd WordPress plugin before 3.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite se...

D-Link DIR-619 安全漏洞

The D-Link DIR-619L is a wireless router designed for home and small office environments, utilizing the IEEE 802.11n standard with a maximum transmission rate of 300Mbps. The D-Link DIR-619L suffers from a buffer overflow vulnerability that originates from the parameter webpage of...

RHEL 8 : ovirt-hosted-engine-setup (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ovirt-hosted-engine-setup: root password exposed in log file CVE-2018-1000018 Note that Nessus has not tested for...

RHEL 5 : setup (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - setup: nologin listed in /etc/shells violates security expectations CVE-2018-1113 Note that Nessus has not tested f...

PT-2024-3754 · D Link · D-Link Dir-619L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L Rev.B version 2.06B1 Description: A buffer overflow issue in the /bin/boa binary via the formWlanGuestSetup function allows remote authenticated users to trigger a denial of service DoS through the webpage parameter. This...

PT-2024-3753 · D Link · D-Link Dir-619L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L versions 2.06B1 Description: The issue is related to a buffer overflow in the formWlanSetup Wizard function of the D-Link DIR-619L router's firmware. This can be exploited by a remote attacker to cause a denial of service usin...

EulerOS 2.0 SP10 : xorg-x11-server (EulerOS-SA-2024-1582)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroy...

Playlist for Youtube <= 1.32 - Editor+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to...

CVE-2024-20866

Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical attackers to skip activation step...

CVE-2024-3755

The MF Gig Calendar WordPress plugin through 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-3755

The MF Gig Calendar WordPress plugin through 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-0904

The Fancy Product Designer WordPress plugin before 6.1.81 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...