Green Packet OH736 Command Injection Vulnerability
The Green Packet OH736 is a router from Green Packet USA. A security vulnerability exists in the WR-1200 Indoor Unit, OT-235 M-IDU-1.6.0.3V1.1 version, and MH-46360-2.0.3-R5-GP version of the Green Packet OH736. By exploiting this vulnerability, an attacker can completely take over root privilege...
PT-2023-13294 · Modem · Modem
Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: Memory corruption occurs due to improper validation of an array index when a malformed APDU is sent from a card. Recommendations: At the moment, there is no information about a newer version...
Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378); ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266); kernel: FUSE filesystem low-privileged user...
The vulnerability in the virtual file system /proc of Linux kernel allows an attacker to trigger a service failure.
The vulnerability in the virtual file system /proc of Linux operating systems is related to concurrent access to the memory page counter by the functions page_mapcount and split_huge_page in the task_mmu.c module. Exploiting this vulnerability can allow an attacker to cause a service failure...
Fedora: Security Advisory for rubygem-actionpack (FEDORA-2023-d6157bb1e2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
OSV-2023-257 Global-buffer-overflow in read_coding_unit
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57566 Crash type: Global-buffer-overflow READ 1 Crash state: read_coding_unit read_coding_quadtree read_coding_quadtree...
CVE-2023-0197
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in a guest VM can cause a NULL-pointer dereference, which may lead to denial of service...
UBUNTU-CVE-2023-0181
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering...
[SECURITY] Fedora 38 Update: rubygem-actionpack-7.0.4.3-1.fc38
Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser...
Risk Fact #4: Misconfigurations Still Prevalent in Web Applications
Qualys Blog Series – Threat Research Unit Report. The Open Web Application Security Project (OWASP) Top 10 is a list of the most common and most critical vulnerabilities that can impact a web application. Security experts rely on the OWASP Top 10 when talking about web app security. The list helps...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +80 more potentially affected by CVE-2023-25666 via tensorflow-gpu (>=1.10.1 <=2.0.4)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =0.0.2, =0.6.7, =0.1.2, =0.1.0, =0.1.2 - dragonn =0.4.2 and more Source cves: CVE-2023-25666 Source advisory: OSV:GHSA-F637-VH3R-VFH2...
Cisco IOS XE Software Security Vulnerability
Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that originates from imprope...
CVE-2023-1559
A vulnerability classified as problematic was found in SourceCodester Storage Unit Rental Management System 1.0. This vulnerability affects unknown code of the file classes/Users.php?f=save. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been...
CVE-2023-1559 SourceCodester Storage Unit Rental Management System unrestricted upload
A vulnerability classified as problematic was found in SourceCodester Storage Unit Rental Management System 1.0. This vulnerability affects unknown code of the file classes/Users.php?f=save. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been...
CVE-2023-1559
CVE-2023-1559 affects SourceCodester Storage Unit Rental Management System 1.0, with a vulnerability in the file classes/Users.php?f=save that allows an attacker to perform an unrestricted upload. Multiple sources in the Connected documents corroborate the issue and describe remote exploitation p...
Sourcecodester Storage Unit Rental Management System Code Issue Vulnerability
Sourcecodester Storage Unit Rental Management System is a storage unit rental management system that helps manage storage unit rental business records and monitor their records. A code issue vulnerability exists in SourceCodester Storage Unit Rental Management System version 1.0, which is caused ...
PT-2023-17075 · Sourcecodester · Sourcecodester Storage Unit Rental Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Storage Unit Rental Management System version 1.0 Description: A problematic vulnerability was found in the SourceCodester Storage Unit Rental Management System. This issue affects the file classes/Users.php?f=save, leading to...
Cross site scripting
The VK All in One Expansion Unit WordPress plugin before 9.87.1.0 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
CVE-2023-0937 VK All in One Expansion Unit < 9.87.1.0 - Reflected XSS
The VK All in One Expansion Unit WordPress plugin before 9.87.1.0 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...