GHSA-MPCW-3J5P-P99X Butterfly's parseJSON, getJSON functions eval malicious input, leading to remote code execution (RCE)

Summary Usage of the Butterfly.prototype.parseJSON or getJSON functions on an attacker-controlled crafted input string allows the attacker to execute arbitrary JavaScript code on the server. Since Butterfly JavaScript code has access to Java classes, it can run arbitrary programs. Details The...

PT-2024-39641 · WordPress · Embed Pdf Viewer

Name of the Vulnerable Software and Affected Versions: Embed PDF Viewer plugin for WordPress versions up to, and including, 2.4.4 Description: The issue is related to Stored Cross-Site Scripting via the height and width parameters due to insufficient input sanitization and output escaping. This...

CVE-2024-43912

CVE-2024-43912 in the Linux kernel affects the wifi nl80211 code:AP channel width setting is now disallowed when using non-standard widths (e.g., S1G or narrow channels). The issue arises from allowing non-standard AP channel widths while normal 20/40/… MHz progression is expected, and the patch ...

CVE-2024-6575

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘reswidthvalue’ parameter within the plugin's tppagescroll widget in all versions up to, and including, 5.6.2 due to...

Fedora 39 : xrdp (2024-41c1bf8de6)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-41c1bf8de6 advisory. Release notes for xrdp v0.10.1 2024/07/31 General announcements A clipboard bugfix included in this release is sponsored by Krmer Pferdesport GmbH & Co KG. W...

kernel: pwm: Fix double shift bug

REJECTED CVE A double shift vulnerability was identified in the Linux kernel's pwm subsystem. The issue involves passing a shifted value instead of a bit number to set/testbit functions, resulting in a double shift e.g., BITBIT1. While this doesn't cause problems for values 0 or 1, values of 5 or...

A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.

...

PT-2024-38363 · Fastadmin · Fastadmin

Name of the Vulnerable Software and Affected Versions: FastAdmin version 1.5.0.20240328 Description: A vulnerability was found in the Attachment Management Section of the software, affecting the file /admins url.php/general/attachment/edit/ids/4?dialog=1. The issue arises from the manipulation of...

CVE-2024-42105 nilfs2: fix inode number range checks

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix inode number range checks Patch series "nilfs2: fix potential issues related to reserved inodes". This series fixes one use-after-free issue reported by syzbot, caused by nilfs2's internal inode being exposed in the...

CVE-2024-6181

A vulnerability was found in LabVantage LIMS 2017. It has been declared as problematic. This vulnerability affects unknown code of the file /labvantage/rc?command=file&file=WEB-CORE/elements/files/filesembedded.jsp&size=32. The manipulation of the argument height/width leads to cross site...

PT-2024-37352 · Labvantage · Labvantage Lims

Name of the Vulnerable Software and Affected Versions: LabVantage LIMS version 2017 Description: A problematic vulnerability has been found in LabVantage LIMS, affecting an unknown part of the file "/labvantage/rc?command=page&page=SampleHistoricalList& iframename=list& crc=crc 1701669816260". Th...

LabVantage Solutions LIMS Cross-Site Scripting Vulnerability

LabVantage Solutions LIMS is a laboratory letter management system from LabVantage Solutions, USA. A cross-site scripting vulnerability exists in LabVantage Solutions LIMS version 2017 that stems from incorrect manipulation of the parameters height/width resulting in cross-site scripting...

ALPINE-CVE-2024-5171

Integer overflow in libaom internal function imgallochelper can lead to heap buffer overflow. This function can be reached via 3 callers: Calling aomimgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and so...

SUSE CVE-2024-36948

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xemigrate: Cast to output precision before multiplying operands Addressing potential overflow in result of multiplication of two lower precision u32 operands before widening it to higher precision u64. -v2 Fix commit messa...

DRUPAL-CONTRIB-2024-023

This module enables you to create responsive image styles that depend on the parent element's width. The module doesn't sufficiently check access to rendered images, resulting in access bypass vulnerabilities in specific scenarios...

DEBIAN-CVE-2024-35995

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth over bitwidth for system memory accesses To align with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt 1...

CVE-2024-35995

CVE-2024-35995 describes a Linux kernel issue where the ACPI CPPC code misread system memory by relying on bit_width, risking incorrect memory access. The fix switches to using access_width for size calculation and reads/writes using an offset and width, with a fallback to bit_width if access_wid...

CVE-2024-35995 ACPI: CPPC: Use access_width over bit_width for system memory accesses

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth over bitwidth for system memory accesses To align with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt 1...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of bitwidth for system memory accesses, resulting in a kernel panic...

WordPress WP Video Lightbox plugin <= 1.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via width Parameter vulnerability discovered by Krzysztof Zając in WordPress Plugin WP Video Lightbox versions = 1.9.10...