13 matches found
CVE-2026-7493
The CVE concerns the WordPress plugin Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin. Affected versions are all up to and including 1.6.11.5. The root cause is a publicly accessible REST API endpoint /wp-json/ssa/v1/async that calls PHP’s sleep() with a user-supplied...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a call to a function in an atomic context that could cause a sleep, potentially leading to system instabilit...
CVE-2022-50472
CVE-2022-50472 – Linux kernel IB/mad path: The issue arises when ib_query_pkey() is invoked in atomic context, which may sleep and triggers a trace/“splat” in the ring buffer, leading to a kernel warning. The description in the sources notes a sleep-prone call in atomic context and a generated t...
CVE-2022-50472 IB/mad: Don't call to function that might sleep while in atomic context
In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the following splat is generated due to call to ib_query_pkey in atomic context. WARNING: CPU: 0 PID: 1888000 at...
CVE-2022-50472 IB/mad: Don't call to function that might sleep while in atomic context
In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the following splat is generated due to call to ib_query_pkey in atomic context. WARNING: CPU: 0 PID: 1888000 at...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue in the mm/kmemleak component that calls a sleep function from an invalid environment...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improper call to a sleep function from an invalid context in the qgroup inheritance operation of the btrf...
WP Mail Log < 1.1.3 – Contributor+ SQL Injection in wml_logs/send_mail endpoint
Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor. Run the following within any page on the site. Notice that the request is delayed by the SLEEP call in th...
WP Mail Log < 1.1.3 – Contributor+ SQL Injection in wml_logs endpoint
Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor. Run the following within a block editor page. Notice that the request is delayed by the SLEEP call in the...
samba: "rpcecho" development server allows denial of service via sleep() call on AD DC
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
samba: "rpcecho" development server allows denial of service via sleep() call on AD DC
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
CVE-2023-42669 Samba: "rpcecho" development server allows denial of service via sleep() call on AD DC
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
CVE-2023-42669 Samba: "rpcecho" development server allows denial of service via sleep() call on AD DC
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...