1070 matches found

CNNVD
added 2024/05/02 12:0 a.m., 2 views

WordPress plugin WP Video Lightbox Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 6.4, AI score 6.2, EPSS 0.00405
Exploits 0, References 3

Positive Technologies
added 2024/05/02 12:0 a.m., 3 views

PT-2024-30403 · WordPress · Wp Video Lightbox

Name of the Vulnerable Software and Affected Versions: WP Video Lightbox plugin for WordPress versions up to, and including, 1.9.10 Description: The issue is related to Stored Cross-Site Scripting via the width parameter due to insufficient input sanitization and output escaping. This allows...

CVSS 6.4, AI score 5.9, EPSS 0.00405
Exploits 0, References 4

RedHat Linux
added 2024/04/30 10:33 a.m., 4 views

freerdp: invalid offset validation leading to Out Of Bound Write

A flaw was found in FreeRDP. An out-of-bounds write may occur when the values rect->left and rect->top are exactly equal to surface->width and surface->height, e.g. rect->left == surface->width && rect->top == surface->height. This issue can result in a crash...

CVSS 9.8, AI score 5.7, EPSS 0.00191
Exploits 1, References 5

SUSE CVE
added 2024/04/24 11:12 p.m., 2 views

SUSE CVE-2024-32659

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if nWidth == 0 and nHeight == 0. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

CVSS 7.1, AI score 9.2, EPSS 0.00319
Exploits 0, References 7

AlpineLinux
added 2024/04/23 8:15 p.m., 1 views

CVE-2024-32659

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if nWidth == 0 and nHeight == 0. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

CVSS 9.8, AI score 6.9, EPSS 0.00319
Exploits 0, References 8

OSV
added 2024/04/23 8:15 p.m., 1 views

DEBIAN-CVE-2024-32659

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if nWidth == 0 and nHeight == 0. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

CVSS 9.8, AI score 7.2, EPSS 0.00319
Exploits 0, References 1

SUSE CVE
added 2024/04/15 11:12 p.m., 1 views

SUSE CVE-2024-26796

In the Linux kernel, the following vulnerability has been resolved: drivers: perf: ctr_get_width function for legacy is not defined. With parameters CONFIG_RISCV_PMU_LEGACY=y and CONFIG_RISCV_PMU_SBI=n linux kernel crashes when you try perf record: $ perf record ls 46.749286 Unable to handle kernel NULL...

CVSS 5.5, AI score 6.4, EPSS 0.00018
Exploits 0, References 3

OSV
added 2024/04/04 9:15 a.m., 4 views

DEBIAN-CVE-2024-26796

In the Linux kernel, the following vulnerability has been resolved: drivers: perf: ctr_get_width function for legacy is not defined. With parameters CONFIG_RISCV_PMU_LEGACY=y and CONFIG_RISCV_PMU_SBI=n linux kernel crashes when you try perf record: $ perf record ls 46.749286 Unable to handle kernel NULL...

CVSS 5.5, AI score 5.4, EPSS 0.00018
Exploits 0, References 1

OSV
added 2024/03/13 4:15 p.m., 1 views

CVE-2024-1497

The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form widget addr2_width attribute in all versions up to, and including, 2.10.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVSS 5.4, AI score 6
Exploits 0, References 3

CNNVD
added 2024/03/13 12:0 a.m., 1 views

WordPress Plugin Orbit Fox by ThemeIsle Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVSS 6.4, AI score 5.8, EPSS 0.00227
Exploits 0, References 4

Positive Technologies
added 2024/03/13 12:0 a.m., 2 views

PT-2024-18092 · Themeisle · Orbit Fox

Name of the Vulnerable Software and Affected Versions: The Orbit Fox by ThemeIsle plugin for WordPress versions up to, and including, 2.10.30 Description: The issue is related to Stored Cross-Site Scripting via the form widget addr2 width attribute due to insufficient input sanitization and outpu...

CVSS 6.4, AI score 8, EPSS 0.00227
Exploits 0, References 7

OSV
added 2024/03/06 11:15 a.m., 14 views

BIT-TENSORFLOW-2022-21733 Memory exhaustion in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on pad_width and that results in computing a negative value for...

CVSS 6.5, AI score 5.3, EPSS 0.00232
Exploits 1, References 4

UbuntuCve
added 2024/03/02 10:15 p.m., 26 views

CVE-2023-52511

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte. Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost...

CVSS 5.3, AI score 6.3, EPSS 0.00044
Exploits 0, References 2

SUSE CVE
added 2024/03/02 5:48 a.m., 1 views

SUSE CVE-2021-47044

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in load_balance(). Syzbot reported a handful of occurrences where an sd->nr_balance_failed can grow to much higher values than one would expect. A successful load_balance() resets it to 0; a failed one...

CVSS 5.5, AI score 7.8, EPSS 0.00016
Exploits 0, References 5

Positive Technologies
added 2024/03/01 12:0 a.m., 4 views

PT-2024-26832

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.37 Description: The issue is related to the ACPI CPPC (Collaborative Processor Performance Control) in the Linux kernel, where using bit width for system memory accesses could lead to issues since it can be any...

CVSS 5.5, AI score 5.4, EPSS 0.00016
Exploits 0

OSV
added 2024/02/28 9:15 a.m., 1 views

DEBIAN-CVE-2021-47047

In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails. The spi controller supports 44-bit address space on AXI in DMA mode, so set dma_addr_t width to 44-bit to avoid using a swiotlb mapping. In addition, if dma_map_single fails...

CVSS 5.5, AI score 5.5, EPSS 0.00018
Exploits 0, References 1

OSV
added 2024/02/28 9:15 a.m., 0 views

UBUNTU-CVE-2021-47044

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in load_balance(). Syzbot reported a handful of occurrences where an sd->nr_balance_failed can grow to much higher values than one would expect. A successful load_balance() resets it to 0; a failed one...

CVSS 7.7, AI score 6.6, EPSS 0.00016
Exploits 0, References 7

SUSE CVE
added 2024/02/27 3:54 a.m., 1 views

SUSE CVE-2024-26599

In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in of_pwm_single_xlate(). With args->args_count == 2 args->args[2] is not defined. Actually the flags are contained in args->args[1]...

CVSS 5.1, AI score 5.9, EPSS 0.00016
Exploits 0, References 10

OSV
added 2024/02/23 3:15 p.m., 1 views

DEBIAN-CVE-2024-26599

In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in of_pwm_single_xlate(). With args->args_count == 2 args->args[2] is not defined. Actually the flags are contained in args->args[1]...

CVSS 7.8, AI score 5.5, EPSS 0.00016
Exploits 0, References 1

OSV
added 2024/02/23 3:15 p.m., 1 views

UBUNTU-CVE-2024-26599

In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in of_pwm_single_xlate(). With args->args_count == 2 args->args[2] is not defined. Actually the flags are contained in args->args[1]...

CVSS 7.8, AI score 6.1, EPSS 0.00016
Exploits 0, References 11