80 matches found
SUSE-SU-2024:2571-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-39371: iouring: check for non-NULL file pointer in iofilecanpoll bsc1226990. - CVE-2023-52846: hsr: Prevent use after free in prpcreatetaggedframe bsc122509...
PT-2024-7603
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58 Description The issue is related to use-after-free problems in the Linux kernel, specifically in the drm/stm module. The ltdc load function calls drm crtc init with planes, drm universal plane init, and dr...
CVE-2024-5545
The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the stmeditdeleteusercar function in all versions up to, and including, 1.4.8. This makes it possible for unauthenticated attackers to...
SUSE CVE-2024-38627
In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stmregisterdevice The putdevice&stm-dev call will trigger stmdevicerelease which frees "stm" so the vfreestm on the next line is a double free...
CVE-2024-38627
A vulnerability was found in the Linux kernel's stm class, where an improper memory management sequence in stmregisterdevice could lead to a double-free error. This issue occurs when the putdevice&stm-;dev call triggers stmdevicerelease to free "stm", making the subsequent vfreestm call redundant...
DEBIAN-CVE-2024-38627
In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stmregisterdevice The putdevice&stm-dev call will trigger stmdevicerelease which frees "stm" so the vfreestm on the next line is a double free...
CVE-2024-38627
In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stmregisterdevice The putdevice&stm-dev call will trigger stmdevicerelease which frees "stm" so the vfreestm on the next line is a double free...
UBUNTU-CVE-2024-38627
In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stmregisterdevice The putdevice&stm-dev call will trigger stmdevicerelease which frees "stm" so the vfreestm on the next line is a double free...
CVE-2024-38627 stm class: Fix a double free in stm_register_device()
In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stmregisterdevice The putdevice&stm-dev call will trigger stmdevicerelease which frees "stm" so the vfreestm on the next line is a double free...
CVE-2024-38627 stm class: Fix a double free in stm_register_device()
In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stmregisterdevice The putdevice&stm-dev call will trigger stmdevicerelease which frees "stm" so the vfreestm on the next line is a double free...
PT-2024-28758 · WordPress · Wordpress Header Builder Plugin
Name of the Vulnerable Software and Affected Versions: WordPress Header Builder Plugin – Pearl plugin for WordPress versions up to, and including, 1.3.6 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'stm hb' shortcode due to insufficient input sanitization and...
WordPress MasterStudy LMS plugin <= 3.3.1 - Unauthenticated Privilege Escalation via stm_lms_register AJAX Action vulnerability
Unauthenticated Privilege Escalation via stmlmsregister AJAX Action vulnerability discovered by Hiroho Shimada in WordPress Plugin MasterStudy LMS versions = 3.3.1...
Synology Surveillance Station 安全漏洞
Synology Surveillance Station is an application from Synology, a Chinese company. It provides intelligent monitoring and video management tools to protect your valuable assets. A security vulnerability previously existed in Synology Surveillance Station version 9.2.0-11289, which stemmed from a...
PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions
The point-of-sale PoS terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to...
WordPress Plugin Unauthenticated Account Creation 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
stm-sport.dk Cross Site Scripting vulnerability OBB-3327126
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
stm-assoc.org Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1098400 Security Researcher Hchabik Helped patch 2375 vulnerabilities Received 5 Coordinated Disclosure badges Received 2 recommendations , a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting stm-assoc.org website and i...
stm-market.ru Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1090793 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
ST Microelectronics TPM Firmware ECDSA Signature Generation Vulnerability - Lenovo Support US
No description provided...
openSUSE Security Update : libopenmpt (openSUSE-2019-524)
This update for libopenmpt to version 0.3.9 fixes the following issues : These security issues were fixed : - CVE-2018-11710: Prevent write near address 0 in out-of-memory situations when reading AMS files bsc1095644 - CVE-2018-10017: Preven out-of-bounds memory read with IT/ITP/MO3 files...