463 matches found
CVE-2024-11266
The Geocache Stat Bar Widget WordPress plugin through 0.911 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2024-11266 Geocache Stat Bar Widget <= 0.911 - Admin+ Stored XSS
The Geocache Stat Bar Widget WordPress plugin through 0.911 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2024-11266
CVE-2024-11266 concerns the Geocache Stat Bar Widget WordPress plugin, up to version 0.911, which does not sufficiently sanitize/escape certain settings. This can let high-privilege users (e.g., admins) perform Stored Cross-Site Scripting even when unfiltered_html is disallowed, particularly in m...
WordPress plugin Geocache Stat Bar Widget security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2025-21417 · WordPress · Geocache Stat Bar Widget
Name of the Vulnerable Software and Affected Versions: Geocache Stat Bar Widget WordPress plugin versions 0.911 and earlier Description: The issue concerns the Geocache Stat Bar Widget WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow...
The vulnerability of the ftrace component of the function_stat_show in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the ftrace component in the function_stat_show() function of the Linux operating system’s kernel is related to the lack of checks for division by zero. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
AZL-60354 CVE-2025-21898 affecting package kernel for versions less than 5.15.180.1-1
In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in function_stat_show(). Check whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64} produce zero and skip stddev computation in that case. For now don't care about rec->counter * rec->counter...
CVE-2025-21898 ftrace: Avoid potential division by zero in function_stat_show()
In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in function_stat_show(). Check whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64} produce zero and skip stddev computation in that case. For now don't care about rec->counter * rec->counter...
CVE-2025-21898
CVE-2025-21898 (Linux kernel): The vulnerability centers on ftrace calculation in function_stat_show(), where division-by-zero could occur during stddev computation. The fix introduces a check on the denominator expression x * (x - 1) * 1000, ensuring it does not produce zero before performing t...
PT-2025-16666
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the nfsd_proc_stat_init() function ignoring the return value of svc_proc_register(). If the procfile creation...
SUSE CVE-2022-49199
In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit(). This code checks "index" for an upper bound but it does not check for negatives. Change the type to unsigned to prevent underflows...
SUSE CVE-2022-49353
In the Linux kernel, the following vulnerability has been resolved: powerpc/papr_scm: don't requests stats with '0' sized stats buffer. Sachin reported [1] that on a POWER-10 lpar he is seeing a kernel panic being reported with vPMEM when papr_scm probe is being called. The panic is of the form below...
DEBIAN-CVE-2022-49688
In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr. The recent patch to make afs_getattr() consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to access, and thus an oop...
DEBIAN-CVE-2022-49436
In the Linux kernel, the following vulnerability has been resolved: powerpc/papr_scm: Fix leaking nvdimm_events_map elements. Right now 'char *' elements allocated for individual 'stat_id' in 'papr_scm_priv.nvdimm_events_map' during papr_scm_pmu_check_events(), get leaked in papr_scm_remove() and papr_scm_pmu_register(),...
UBUNTU-CVE-2022-49353
In the Linux kernel, the following vulnerability has been resolved: powerpc/papr_scm: don't requests stats with '0' sized stats buffer. Sachin reported [1] that on a POWER-10 lpar he is seeing a kernel panic being reported with vPMEM when papr_scm probe is being called. The panic is of the form below...
UBUNTU-CVE-2022-49688
In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr. The recent patch to make afs_getattr() consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to access, and thus an oop...