17 matches found

RedhatCVE
added 2026/01/09 9:27 a.m. | 4 views

CVE-2023-45068

Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Contact Form by Supsystic plugin = 1.7.27 versions...

CVSS 8.8 | AI score 7.1 | EPSS 0.00051
Exploits: 0 | References: 1

OSV
added 2025/07/01 11:27 a.m. | 1 view

SUSE-SU-2025:20459-1 Security update for containerd

This update for containerd fixes the following issues: - Updated to version 1.7.27: CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749...

CVSS 7.8 | AI score 7.2 | EPSS 0.00064
Exploits: 1 | References: 3

SUSE Linux
added 2025/07/01 11:27 a.m. | 3 views

Security update for containerd

This update for containerd fixes the following issues: Updated to version 1.7.27: CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVSS 4.6 | AI score 7.6 | EPSS 0.00064
Exploits: 1 | References: 4

Tenable Nessus
added 2025/06/23 12:0 a.m. | 1 view

Amazon Linux 2 : containerd (ALASECS-2025-070)

The version of containerd installed on the remote host is prior to 1.7.27-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-070 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bar...

CVSS 9.1 | AI score 7 | EPSS 0.00294
Exploits: 0 | References: 4

OSV
added 2025/04/30 9:17 a.m. | 1 view

SUSE-SU-2025:20216-1 Security update for containerd

This update for containerd fixes the following issues: - Updated containerd to v1.7.27. - CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749...

CVSS 7.8 | AI score 7.2 | EPSS 0.00064
Exploits: 1 | References: 3

Tenable Nessus
added 2025/04/29 12:0 a.m. | 11 views

Amazon Linux 2 : containerd (ALASECS-2025-056)

The version of containerd installed on the remote host is prior to 1.7.27-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-056 advisory. containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 whe...

CVSS 7.8 | AI score 6.4 | EPSS 0.00064
Exploits: 1 | References: 4

SUSE Linux
added 2025/04/17 3:15 p.m. | 2 views

Security update for containerd

This update for containerd fixes the following issues: CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749 Other fixes: - Update to containerd v1.7.27. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

CVSS 4.6 | AI score 7.6 | EPSS 0.00064
Exploits: 1 | References: 4

OSV
added 2025/03/29 6:24 a.m. | 1 view

OESA-2025-1348 containerd security update

containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

CVSS 7.8 | AI score 7.1 | EPSS 0.00064
Exploits: 1 | References: 2

OSV
added 2025/03/21 1:19 p.m. | 1 view

OESA-2025-1325 containerd security update

containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

CVSS 7.8 | AI score 7.1 | EPSS 0.00064
Exploits: 1 | References: 2

OSV
added 2025/03/17 10:15 p.m. | 1 view

AZL-58845 CVE-2024-40635 affecting package containerd for versions less than 1.7.13-8

containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as roo...

CVSS 7.8 | AI score 7.1 | EPSS 0.00064
Exploits: 1 | References: 1

CNNVD
added 2025/03/17 12:0 a.m. | 0 views

containerd Input Validation Error Vulnerability

containerd is an industry standard container runtime from containerd open source. An input validation error vulnerability exists in containerd versions prior to 1.6.38, prior to 1.7.27, and prior to 2.0.4, which stems from an overflow that can be caused when UID:GID exceeds the maximum 32-bit...

CVSS 7.8 | AI score 6.5 | EPSS 0.00064
Exploits: 1 | References: 2

NVD
added 2024/05/29 2:16 a.m. | 10 views

CVE-2024-5150

The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activationcode' default value is empty, and the not empty check is missing in the 'lwpajaxregister' function. This makes it possible for...

CVSS 9.8 | AI score 9.4 | EPSS 0.01119
Exploits: 0 | References: 6

Cvelist
added 2024/05/29 2:0 a.m. | 19 views

CVE-2024-5150 Login with phone number <= 1.7.26 - Authentication Bypass due to Missing Empty Value Check

The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activationcode' default value is empty, and the not empty check is missing in the 'lwpajaxregister' function. This makes it possible for...

CVSS 9.8 | AI score 9.4 | EPSS 0.01119
Exploits: 0 | References: 6

WPVulnDB
added 2024/05/28 12:0 a.m. | 16 views

Login with phone number < 1.7.27 - Authentication Bypass due to Missing Empty Value Check

Description: The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activationcode' default value is empty, and the not empty check is missing in the 'lwpajaxregister' function. This makes it possible fo...

CVSS 9.8 | AI score 9.3 | EPSS 0.01119
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack
added 2024/05/28 12:0 a.m. | 7 views

WordPress Login with phone number Plugin <= 1.7.26 is vulnerable to Privilege Escalation

Software: Login with phone number; Type: Plugin; Vulnerable versions: <= 1.7.26; Fixed in: 1.7.27; OWASP Top 10: A1: Broken Access Control; Classification: Privilege Escalation; CVE: CVE-2024-5150; Patch priority: High; CVSS severity: High (9.8); Developer: Hamid Alinia; PSID: a2294e0242d6; Credits: István Márton; Required...

CVSS 9.8 | AI score 6.5 | EPSS 0.01119
Exploits: 0 | References: 3 | Affected Software: 1

CNNVD
added 2023/10/12 12:0 a.m. | 2 views

WordPress plugin Contact Form by Supsystic Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVSS 8.8 | AI score 6.6 | EPSS 0.00051
Exploits: 0 | References: 2

myhack58
added 2017/09/21 12:0 a.m. | 58 views

Burp Suite exposed as having a remote code execution vulnerability: do you still dare to keep using it against sites? - Vulnerability warning - the black bar safety net

What is Burp Suite? Anyone who works in web security knows that Burp Suite is an integrated platform for security testing of web applications. It includes many tools, with many interfaces designed for them, which can greatly accelerate our Web application networ...

AI score 7.7
Exploits: 0