29 matches found
CVE-2025-68253 mm: don't spin in add_stack_record when gfp flags don't allow
In the Linux kernel, the following vulnerability has been resolved: mm: don't spin in addstackrecord when gfp flags don't allow syzbot was able to find the following path: addstackrecordtolist mm/pageowner.c:182 inline incstackrecordcount mm/pageowner.c:214 inline setpageowner+0x2c3/0x4a0...
EUVD-2024-45638
Malicious code in bioql PyPI...
bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init()
...
CVE-2025-39886 bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init()
In the Linux kernel, the following vulnerability has been resolved: bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as one example: ... 10.011566...
CVE-2024-51839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meini Utech Spinning Earth utech-spinning-earth allows DOM-Based XSS.This issue affects Utech Spinning Earth: from n/a through = 1.2...
CVE-2024-51839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meini Utech Spinning Earth utech-spinning-earth allows DOM-Based XSS.This issue affects Utech Spinning Earth: from n/a through = 1.2...
CVE-2024-51839 WordPress Utech Spinning Earth plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meini Utech Spinning Earth allows DOM-Based XSS.This issue affects Utech Spinning Earth: from n/a through 1.2...
CVE-2024-51839
CVE-2024-51839 – Utech Spinning Earth WordPress plugin exhibits a DOM-based XSS due to improper input neutralization during web page generation. Affected: Utech Spinning Earth versions up to 1.2 (and earlier). Public details across sources consistently describe the issue as Cross-Site Scripting w...
CVE-2024-51839 WordPress Utech Spinning Earth plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meini Utech Spinning Earth utech-spinning-earth allows DOM-Based XSS.This issue affects Utech Spinning Earth: from n/a through = 1.2...
WordPress plugin Utech Spinning Earth 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-34966 · Utech · Utech Spinning Earth
Name of the Vulnerable Software and Affected Versions: Utech Spinning Earth versions 1.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS. This means that an attacker can...
WordPress Utech Spinning Earth plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Utech Spinning Earth versions = 1.2...
WordPress Utech Spinning Earth Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)
Software Utech Spinning Earth Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51839 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b242dc4ec571 Credits SOPROBRO Required privilege Contribut...
CWA for Android: Mobile Devices are not able to see the resources
Mobile Devices are not able to see the resources User may see Spinning wheel on Android device after adding Storefront URL in Workspace App...
Automated Threats Pose Increasing Risk to the Travel Industry
As the travel industry rebounds post-pandemic, it is increasingly targeted by automated threats, with the sector experiencing nearly 21% of all bot attack requests last year. That's according to research from Imperva, a Thales company. In their 2024 Bad Bot Report, Imperva finds that bad bots...
New Malware Targets Exposed Docker APIs for Cryptocurrency Mining
Cybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docket API endpoints with the aim of delivering cryptocurrency miners and other payloads. Included among the tools deployed is a remote access tool that's capable of downloading and executing more...
New Linux Malware Alert: ‘Spinning YARN’ Hits Docker, Other Key Apps
By Deeba Ahmed Another day, another Linux malware! This is a post from HackRead.com Read the original post: New Linux Malware Alert: Spinning YARN Hits Docker, Other Key Apps...
Secure Hub for Android stops responding after upgrading to Android 13
End users after upgrading to Android 13 with Citrix Secure Hub installed and configured, may experience the following behavior: Secure Hub goes into an infinite spinning loop Citrix PIN gets prompted indefinitely...
CVE-2022-3219
GnuPG can be made to spin on a relatively small input by for example crafting a public key with thousands of signatures attached, compressed down to just a few KB...
Adversarial ML Attack that Secretly Gives a Language Model a Point of View
Machine learning security is extraordinarily difficult because the attacks are so varied--and it seems that each new one is weirder than the next. Heres the latest: a training-time attack that forces the model to exhibit a point of view: Spinning Language Models: Risks of Propaganda-As-A-Service...