CVE-2023-31609

An issue in the dfeunitcolloci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

CVE-2023-28367

Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script...

CVE-2023-27926

Cross-site scripting vulnerability in Profile setting function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script...

CVE-2023-28367

Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script...

CVE-2023-27926

Cross-site scripting vulnerability in Profile setting function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script...

CVE-2023-28367

Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script...

Cross site scripting

Cross-site scripting vulnerability in Profile setting function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script...

Cross site scripting

Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script...

Command injection

Wi-Fi AP UNIT AC-PD-WAPU v1.05B04 and earlier, AC-PD-WAPUM v1.05B04 and earlier, AC-PD-WAPU-P v1.05B04P and earlier, AC-PD-WAPUM-P v1.05B04P and earlier, AC-WAPU-300 v1.00B07 and earlier, AC-WAPU-300-P v1.00B08P and earlier, AC-WAPUM-300 v1.00B07 and earlier, and AC-WAPUM-300-P v1.00B08P and...

CVE-2023-27926

Cross-site scripting vulnerability in Profile setting function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script...

CVE-2023-28367

CVE-2023-28367 affects VK All in One Expansion Unit (WordPress plugin) up to version 9.88.1.0. The issue is a cross-site scripting (XSS) vulnerability in the CTA post function that could allow a remote authenticated attacker to inject arbitrary script. Root cause details are not fully enumerated ...

CVE-2023-28392

Wi-Fi AP UNIT AC-PD-WAPU v1.05B04 and earlier, AC-PD-WAPUM v1.05B04 and earlier, AC-PD-WAPU-P v1.05B04P and earlier, AC-PD-WAPUM-P v1.05B04P and earlier, AC-WAPU-300 v1.00B07 and earlier, AC-WAPU-300-P v1.00B08P and earlier, AC-WAPUM-300 v1.00B07 and earlier, and AC-WAPUM-300-P v1.00B08P and...

VK All in One Expansion Unit 跨站脚本漏洞

VK All in One Expansion Unit is a plugin from Vektor for extending and enhancing the functionality of your website, which provides several functional modules and tools to help webmasters easily add a variety of features and functionality. A security vulnerability exists in VK All in One Expansion...

CVE-2023-28392

The CVE-2023-28392 issue affects multiple Inaba Denki Wi‑Fi AP UNIT models (AC-PD-WAPU, AC-PD-WAPUM, AC-PD-WAPU‑P, AC-PD‑WAPUM‑P, AC‑WAPU‑300, AC‑WAPU‑300‑P, AC‑WAPUM‑300, AC‑WAPUM‑300‑P) and allows an authenticated user with administrative privileges to execute arbitrary OS commands (OS command ...

CVE-2023-27926

CVE-2023-27926 affects VK All in One Expansion Unit (VK AIO) up to version 9.88.1.0. The vulnerability is a cross-site scripting issue in the Profile setting function that can allow a remote authenticated attacker to inject arbitrary scripts. Several connected sources corroborate the issue and ci...

PT-2023-21424 · Unknown · Vk All In One Expansion Unit

Name of the Vulnerable Software and Affected Versions: VK All in One Expansion Unit versions 9.88.1.0 and earlier Description: A cross-site scripting issue in the Profile setting function allows a remote authenticated attacker to inject an arbitrary script. Recommendations: For versions 9.88.1.0...

PT-2023-21676 · Unknown · Vk All In One Expansion Unit

Name of the Vulnerable Software and Affected Versions: VK All in One Expansion Unit versions 9.88.1.0 and earlier Description: A cross-site scripting issue in the CTA post function allows a remote authenticated attacker to inject an arbitrary script. Recommendations: For versions 9.88.1.0 and...

CVE-2023-28367

Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script...

kernel: drm/amd/pm: Fix a potential gpu_metrics_table memory leak

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix a potential gpumetricstable memory leak Memory is allocated for gpumetricstable in smuv1304initsmctables, but not freed in smuv1304finismctables. This may cause memory leaks, fix it...

kernel: iommu/vt-d: Clean up si_domain in the init_dmars() error path

A memory leak flaw was found in the Linux kernel's Intel VT-d IOMMU driver in the initialization error path. A local user can trigger this issue when the initdmars function fails during IOMMU setup, causing the sidomain memory to remain allocated without being freed. This results in a permanent...