7884 matches found
kernel: ASoC: SOF: avoid a NULL dereference with unsupported widgets
A NULL pointer dereference was found in the Sound Open Firmware SOF driver. When a topology contains an unsupported widget type, the moduleinfo field is NULL, and dereferencing it during route setup crashes the kernel...
kernel: cifs: Fix memory leak when build ntlmssp negotiate blob failed
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when build ntlmssp negotiate blob failed There is a memory leak when mount cifs: unreferenced object 0xffff888166059600 size 448: comm "mount.cifs", pid 51391, jiffies 4295596373 age 330.596s hex dump first ...
kernel: bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails
In the Linux kernel, the following vulnerability has been resolved: bonding: restore bond's IFFSLAVE flag if a non-eth dev enslave fails syzbot reported a warning1 where the bond device itself is a slave and we try to enslave a non-ethernet device as the first slave which fails but then in the...
kernel: md/raid10: fix memleak of md thread
A memory leak was found in the MD RAID10 driver. When raid10run fails after setupconf succeeds but before mddev-thread is set, the conf-thread is not freed, leaking kernel thread resources...
PT-2023-27881 · Samsung · Samsung Smart Tv
Name of the Vulnerable Software and Affected Versions: Samsung Smart TV UE40D7000 version T-GAPDEUC-1033.2 and before Description: The issue is related to an Improper Restriction of Excessive Authentication Attempts, allowing attackers to cause a denial of service via WPS attack tools...
Cross site scripting
The WP Discord Invite WordPress plugin before 2.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Cross site scripting
The Simple Table Manager WordPress plugin through 1.5.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Bookly < 22.5 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. As an admin user, visit the...
PT-2023-30862 · WordPress · Simple Table Manager
Name of the Vulnerable Software and Affected Versions: The Simple Table Manager WordPress plugin versions 1.5.6 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, f...
Rocky Linux 9 : device-mapper-multipath (RLSA-2022:8453)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:8453 advisory. - A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjuncti...
WC Captcha <= 1.5 - Admin+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
The vulnerability of the /goform/formEasySetupWizard3 component of the D-Link N300 WI-Fi Router DIR-605L wireless access point software allows a attacker to cause a service failure or execute arbitrary code.
The vulnerability of the /goform/formEasySetupWizard3 component of the D-Link N300 WI-Fi Router DIR-605L wireless access point lies in the ability to write data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions or execute...
CVE-2023-1193
A use-after-free flaw was found in setupasyncwork in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work...
AZL-31851 CVE-2023-1193 affecting package kernel for versions less than 5.15.143.1-1
A use-after-free flaw was found in setupasyncwork in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work...
AZL-31813 CVE-2023-1193 affecting package hyperv-daemons for versions less than 5.15.145.2-1
A use-after-free flaw was found in setupasyncwork in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work...
UBUNTU-CVE-2023-1193
A use-after-free flaw was found in setupasyncwork in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work...
CVE-2023-1193
A use-after-free flaw was found in setupasyncwork in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux Kernel that stems from an out-of-bounds read vulnerability due to a failure to properly handle session setup requests...
Design/Logic Flaw
authentik is an open-source Identity Provider. Prior to versions 2023.8.4 and 2023.10.2, when the default admin user has been deleted, it is potentially possible for an attacker to set the password of the default admin user without any authentication. authentik uses a blueprint to create the...
CVE-2023-46249 authentik potential installation takeover when default admin user is deleted
authentik is an open-source Identity Provider. Prior to versions 2023.8.4 and 2023.10.2, when the default admin user has been deleted, it is potentially possible for an attacker to set the password of the default admin user without any authentication. authentik uses a blueprint to create the...