24 matches found
CVE-2026-43121 io_uring/zcrx: fix user_ref race between scrub and refill paths
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userref race between scrub and refill paths The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by separate atomicdec to manipulate userrefs. This is serialized...
GHSA-C3H3-89QF-JQM5
creationtimestamp| type| source ---|---|--- 2026-04-09 11:16:38+00:00| seen| Telegram/nE1gVyn8jRxbZ-OhSUewb4fvVZDT-qjlGTvhk8YiMctdMk...
EUVD-2013-2091
Malware in sbrugna...
EUVD-2009-1504
Malware in sbrugna...
CVE-2013-2123
The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to content containing a user reference field when the author update/delete grants are enabled and the author's user account is deleted, which allows remote attacke...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ksmbd not properly handling sess-user references in Kerberos authentication, which could lead to reuse after...
CVE-2024-20435
creationtimestamp| type| source ---|---|--- 2024-07-17 19:53:42+00:00| seen| https://t.me/cvedetector/1101 2024-07-18 11:16:31+00:00| seen| https://t.me/kasperskyb2b/1343 2024-08-11 18:11:49+00:00| seen| https://t.me/MrVGunz/1251...
Security Alert: WordPress Forum plug-in bbPress, there is stored XSS vulnerability, the impact of fix version 2. 5. 9 all previous versions-bug warning-the black bar safety net
Recently, the WordPress parent company Automattic released bbPress 2.5.9 version in the official WordPress Forum plugin to the latest version, fixes a higher threat of the storage typeXSSvulnerabilities that affect the scope include existing bbPress version, i.e., version 2.5.9 of all will suffer...
CVE-2013-2123
The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to content containing a user reference field when the author update/delete grants are enabled and the author's user account is deleted, which allows remote attacke...
Code injection
The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to content containing a user reference field when the author update/delete grants are enabled and the author's user account is deleted, which allows remote attacke...
CVE-2013-2123
The CVE-2013-2123 issue affects the Drupal module Node access user reference (nodeaccess_userreference) for Drupal 6.x-3.x (before 6.x-3.5) and Drupal 7.x-3.x (before 7.x-3.10). The root cause is inadequate access restriction for content containing a user reference field when author update/delete...
CVE-2013-2123
The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to content containing a user reference field when the author update/delete grants are enabled and the author's user account is deleted, which allows remote attacke...
Drupal Node Access User Reference模块访问绕过漏洞
Bugtraq ID:60211 CVE ID:CVE-2013-2123 Drupal是一个基于PHP语言编写的开发型CMF(内容管理框架)。 Drupal Node Access User Reference模块允许对坐着,引用用户和非引用用户分配不同的访问权限。当作者创建包含用户引用字段的内容,并坐着用户账户不就被删除后,该作者创建的内容可被匿名用户编辑。 0 Drupal Node Access User Reference 6.x Drupal Node Access User Reference 7.x 厂商解决方案 Drupal Node Access User...
SA-CONTRIB-2013-049 - Node access user reference - Access Bypass
This module allows different access permissions to be given to authors, referenced users and non-referenced users. When an author has created content containing a user reference field with author update/delete grants enabled and the author's user account is later deleted, content created by them...
Drupal's <= v6.x-1.0 Realname User Reference Widget contributed module
Exploit for unknown platform in category web applications ====================================================================== Drupal's Description of Vulnerability: ----------------------------- Drupal is a free software package that allows an individual or a community of users to easily...
Information disclosure vulnerability in Drupal's Realname User Reference Widget contributed module (version 6.x-1.0)
Information disclosure vulnerability in Drupal's Realname User Reference Widget contributed module version 6.x-1.0 Discovered by Martin Barbella [email protected] Description of Vulnerability: ----------------------------- Drupal is a free software package that allows an individual or a...
Drupal Realname User Reference Information Disclosure
Information disclosure vulnerability in Drupal's Realname User Reference Widget contributed module version 6.x-1.0 Discovered by Martin Barbella Description of Vulnerability: ----------------------------- Drupal is a free software package that allows an individual or a community of users to easil...
CVE-2009-1507
The vulnerability CVE-2009-1507 affects the Drupal Node Access User Reference module (5.x prior to 5.x-2.0-beta4 and 6.x prior to 6.x-2.0-beta6). The module interprets an empty CCK user reference as the anonymous user, potentially bypassing access controls to read or modify a node. Remediation: u...
SA-CONTRIB-2009-024 - Node Access User Reference - Access Bypass
Node Access User Reference enables administrators to automatically grant node access view, update, or delete to a node where the user is referenced by CCK user reference. When such a field is saved with an empty value, Node Access User Reference mistakes this for a reference to the anonymous user...
FreeBSD : drupal6-cck -- XSS (03d22656-2690-11de-8226-0030843d3802)
Drupal CCK plugin developer reports : The Node reference and User reference sub-modules, which are part of the Content Construction Kit CCK project, lets administrators define node fields that are references to other nodes or to users. When displaying a node edit form, the titles of candidate...