16 matches found
CVE-2026-6287 ShopLentor - WooCommerce Builder for Elementor & Gutenberg <= 3.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Product Grid 'blockUniqId' Block Attribute
The ShopLentor - WooCommerce Builder for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blockUniqId' block attribute in multiple Product Gride blocks in versions up to, and including, 3.3.8 due to insufficient input sanitization and output escapin...
CVE-2026-6287
The ShopLentor - WooCommerce Builder for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blockUniqId' block attribute in multiple Product Gride blocks in versions up to, and including, 3.3.8 due to insufficient input sanitization and output escapin...
CVE-2026-31532 can: raw: fix ro->uniq use-after-free in raw_rcv()
In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro-uniq use-after-free in rawrcv rawrelease unregisters raw CAN receive filters via canrxunregister, but receiver deletion is deferred with callrcu. This leaves a window where rawrcv may still be running in an RCU...
CVE-2026-31532
CVE-2026-31532 affects the Linux kernel’s raw CAN socket implementation. A use-after-free can occur when, during unregistration of CAN receive filters, the kernel defers receiver deletion with RCU and frees per-CPU storage ro->uniq too early in raw_release(). The fix moves free_percpu(ro->u...
PT-2026-34658
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the SocketCAN subsystem of the Linux kernel. The raw release function unregisters raw CAN receive filters through can rx unregister, but the deletion of the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of a freed resource after the release of the ro-uniq operation in rawrcv. This could le...
MiracleLinux 4 : coreutils-8.4-31.2.0.1.AXS4 (AXSA:2014-028:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-028:01 advisory. These are the GNU core utilities. This package is the combination of the old GNU fileutils, sh-utils, and textutils packages. Security issues fixed...
EUVD-2013-0256
Malware in sbrugna...
K16859: SUSE coreutils vulnerabilities CVE-2013-0221, CVE-2013-0222, and CVE-2013-0223
Security Advisory Description CVE-2013-0221 The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service segmentation fault and crash via a long string to the sort command, when using the 1 -d or 2 -M switch, which triggers a stack-based buffer...
SUSE CVE-2013-0222
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service segmentation fault and crash via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function...
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command which triggers a stack-based buffer overflow in the alloca function.
...
CVE-2013-0222
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service segmentation fault and crash via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function...
coreutils: segfault in uniq with long line input
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service segmentation fault and crash via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function...
SuSE 11.2 / 11.3 Security Update : coreutils (SAT Patch Numbers 8334 / 8336)
This coreutils update fixes three minor security issues : - VUL-1: CVE-2013-0221: segmentation fault in 'sort -d' and 'sort -M' with long line input. bnc798538 - VUL-1: CVE-2013-0222: segmentation fault in 'uniq' with long line input. bnc796243 - VUL-1: CVE-2013-0223: segmentation fault in 'join...
Mandriva Linux Security Advisory : coreutils (MDVSA-2013:023-1)
Multiple vulnerabilities has been found and corrected in coreutils : Long line inputs could trigger a segfault in the sort, uniq and join utilities CVE-2013-0221, CVE-2013-0222, CVE-2013-0223. The updated packages have been patched to correct these issues. %NASLMINLEVEL 70300 C Tenable Network...
sort, uniq, join utilities resources exhaustion
Resources exhaustion on oversized string...