22 matches found
SUSE CVE-2026-46189
In the Linux kernel, the following vulnerability has been resolved: RDMA/vmwpvrdma: Fix double free on pvrdmaallocucontext error path Sashiko points out that pvrdmauarfree is already called within pvrdmadeallocucontext, so calling it before triggers a double free...
CVE-2026-46189
In the Linux kernel, the following vulnerability has been resolved: RDMA/vmwpvrdma: Fix double free on pvrdmaallocucontext error path Sashiko points out that pvrdmauarfree is already called within pvrdmadeallocucontext, so calling it before triggers a double free...
UBUNTU-CVE-2026-46189
In the Linux kernel, the following vulnerability has been resolved: RDMA/vmwpvrdma: Fix double free on pvrdmaallocucontext error path Sashiko points out that pvrdmauarfree is already called within pvrdmadeallocucontext, so calling it before triggers a double free...
CVE-2026-46189
In the Linux kernel, the following vulnerability has been resolved: RDMA/vmwpvrdma: Fix double free on pvrdmaallocucontext error path Sashiko points out that pvrdmauarfree is already called within pvrdmadeallocucontext, so calling it before triggers a double free...
CVE-2026-46189 RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path
In the Linux kernel, the following vulnerability has been resolved: RDMA/vmwpvrdma: Fix double free on pvrdmaallocucontext error path Sashiko points out that pvrdmauarfree is already called within pvrdmadeallocucontext, so calling it before triggers a double free...
CVE-2026-46189
In the Linux kernel, the following vulnerability has been resolved: RDMA/vmwpvrdma: Fix double free on pvrdmaallocucontext error path Sashiko points out that pvrdmauarfree is already called within pvrdmadeallocucontext, so calling it before triggers a double free...
PT-2026-44312
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A double free issue exists in the RDMA/vmw pvrdma component. The error path in the pvrdma alloc ucontext function triggers...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a double release of memory during the error path in the RDMA vmwpvrdma driver’s pvrdmaallocuconte...
EUVD-2022-34795
Malicious code in bioql PyPI...
CVE-2022-2542
The uContext for Clickbank plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. This is due to missing nonce validation in the /app/sites/ajax/actions/keywordsave.php file that is called via the doAjax function. This make...
CVE-2022-2542
The uContext for Clickbank plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. This is due to missing nonce validation in the /app/sites/ajax/actions/keywordsave.php file that is called via the doAjax function. This make...
CVE-2022-2541
The uContext for Amazon plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. This is due to missing nonce validation in the /app/sites/ajax/actions/keywordsave.php file that is called via the doAjax function. This makes i...
CVE-2022-2541
The uContext for Amazon plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. This is due to missing nonce validation in the /app/sites/ajax/actions/keywordsave.php file that is called via the doAjax function. This makes i...
Cross site request forgery (csrf)
The uContext for Clickbank plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. This is due to missing nonce validation in the /app/sites/ajax/actions/keywordsave.php file that is called via the doAjax function. This make...
CVE-2022-2541
CVE-2022-2541 affects the WordPress plugin uContext for Amazon (versions up to and including 3.9.1). The root cause is missing nonce validation in the Ajax handler (~/app/sites/ajax/actions/keyword_save.php) invoked via doAjax(), enabling Cross-Site Request Forgery that can lead to Cross-Site Scr...
CVE-2022-2541 uContext for Amazon <= 3.9.1 - Cross-Site Request Forgery to Cross-Site Scripting
The uContext for Amazon plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. This is due to missing nonce validation in the /app/sites/ajax/actions/keywordsave.php file that is called via the doAjax function. This makes i...
CVE-2022-2542
The CVE-2022-2542 entry concerns the WordPress uContext for Clickbank plugin (versions up to and including 3.9.1). The vulnerability is a Cross-Site Request Forgery (CSRF) that can lead to Cross-Site Scripting (XSS) due to missing nonce validation in the file ~/app/sites/ajax/actions/keyword_save...
PT-2022-17273
Name of the Vulnerable Software and Affected Versions uContext for Amazon plugin for WordPress versions up to, and including 3.9.1 Description The issue is related to Cross-Site Request Forgery to Cross-Site Scripting due to missing nonce validation in the /app/sites/ajax/actions/keyword save.php...
WordPress plugin uContext for Clickbank 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
PT-2022-17281 · WordPress · Ucontext For Clickbank
Name of the Vulnerable Software and Affected Versions: uContext for Clickbank plugin for WordPress versions up to, and including 3.9.1 Description: The issue is due to missing nonce validation in the /app/sites/ajax/actions/keyword save.php file, which is called via the doAjax function. This allo...