CVE-2021-47021
CVE-2021-47021 is a Linux kernel vulnerability in the mt76 mt7915 driver area. The issue is a memory leak that occurs during mt7915_unregister_device(), with a specific root cause: mt7915_tx_token_put() must be called before mt76_free_pending_txwi(). The description notes that the memory leak was...
CVE-2024-26351
Flusity-CMS v2.33 contains a Cross-Site Request Forgery (CSRF) in the /core/tools/update_place.php component. The issue stems from CSRF in the update_place workflow, enabling state-changing requests under the attacker’s context when a user is tricked to interact with the CMS. Per CVSS 3.1 metrics...
CVE-2021-46983
CVE-2021-46983 corresponds to a Linux kernel issue in nvmet-rdma where a NULL pointer dereference could occur when SEND completes with error. The root cause is that nvmet_rdma_error_comp attempted to access the cq_context to obtain the queue, but the cq_context is no longer valid after switching ...
CVE-2021-46959
CVE-2021-46959 is a Linux kernel SPI subsystem use-after-free issue (devm_spi_alloc_{master,slave}) caused by relying on the devres list during spi_unregister_controller. The root cause is that devres_find() runs after the devres list has been torn down, leading to underflow of reference counters...
CVE-2021-47058
CVE-2021-47058 is a Linux kernel vulnerability affecting the regmap debugfs path. The issue arises from a memory leak in which debugfs_name is freed in regmap_debugfs_exit() but not recreated due to a conditional added by upstream commit cffa4b2122f5. The relevant sequence involves regmap_reinit_...
CVE-2023-52461
CVE-2023-52461 affects the Linux kernel DRM scheduler component, specifically drm_sched_entity_init(). The issue is a bounds-limiting fault where, if a malformed drm_sched_entity is encountered with an out-of-bounds priority value, the code previously allowed the value to slip into an invalid sta...
CVE-2021-47028
CVE-2021-47028 affects the Linux kernel mt76 mt7915 driver stack. The issue is in tx rate reporting for mt7915e devices (cfg80211/mac80211 flow), where rate_info was not checked correctly, leading to unexpected or incorrect bitrate reporting. The connected NASL document confirms a fix in the txra...
CVE-2024-27008
CVE-2024-27008 is confirmed in the connected MiracleLinux advisories as a Linux kernel vulnerability affecting the drm nv04 driver. Description: when Output Resource (dcb->or) is assigned in fabricate_dcb_output(), there can be an out-of-bounds access to the dac_users array if dcb->or is ze...
CVE-2021-46985
CVE-2021-46985 corresponds to a Linux kernel vulnerability in the ACPI subsystem: if acpi_device_set_name() fails, acpi_device_bus_id->bus_id must be freed to avoid a memory leak in the error path. The connected Nessus/NVL entries reference Tencent/TencentOS and Unity Linux advisories noting t...
CVE-2024-26614
CVE-2024-26614: Linux kernel vulnerability where the accept_queue spinlocks were not initialized correctly, enabling a local attacker to trigger a denial of service. The issue surfaces in TCP handling and was observed in syz reproductions showing pvqspinlock corruption during queue operations. C...
CVE-2024-31573
CVE-2024-31573 affects XMLUnit for Java prior to 2.10.0. In default configurations, XSLT extension functions are enabled during an XSLT transformation, which may allow code execution via an untrusted stylesheet. The vulnerability is described across multiple connected documents (including Nessus ...
CVE-2017-3169
CVE-2017-3169 affects Apache HTTP Server (httpd) up to the fixed versions: 2.2.x before 2.2.33 and 2.4.x before 2.4.26. The vulnerability is a NULL pointer dereference in httpd’s mod_ssl component when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS po...
CVE-2024-3918
CVE-2024-3918 corresponds to a Stored XSS vulnerability in the WordPress Pet Manager plugin (versions up to 1.4). The issue arises because some Pet settings are not properly sanitised/escaped, enabling high-privilege users (e.g., Contributors) to store scripts that could affect other site users. ...
CVE-2024-25082
FontForge (through 20230101) is affected by CVE-2024-25081 and CVE-2024-25082, allowing shell command injection via specially crafted filenames or archives/compressed files. Public advisories from Debian (DSA-5641-1), AlmaLinux (ALSA-2024-2495 / ALSA-2024-565), and Amazon Linux (ALAS2024-2495 / A...
CVE-2020-1927
CVE-2020-1927 affects Apache HTTP Server 2.4.0–2.4.41, where mod_rewrite redirects intended to be self-referential could be fooled by encoded newlines and redirect to an unexpected URL within the request. Multiple connected advisories confirm the issue and indicate that fixes were released in Apa...
CVE-2024-25742
CVE-2024-25742 in the Linux kernel (pre-6.9) allows an untrusted hypervisor to inject virtual interrupt 29 (#VC) at any time and trigger its handler, impacting AMD SEV-SNP and AMD SEV-ES. Public references point to kernel commits and advisories (e.g., ChangeLog-6.9, AMD SB-3008). Connected Nessus...
CVE-2023-52492
CVE-2023-52492 refers to a Linux kernel vulnerability in the DMA engine where __dma_async_device_channel_unregister() could dereference a NULL chan->local if __dma_async_device_channel_register() failed and channels were unregistered. The fixed behavior adds a guard at the beginning of __dma_a...
CVE-2024-26612
CVE-2024-26612 affects the Linux kernel in the netfs/fscache path. The vulnerability stems from dereferencing a pointer in fscache_put_cache() before verifying it with IS_ERR_OR_NULL(), allowing a potential NULL pointer dereference. The fix changes the order to check first, then dereference. Conn...
CVE-2023-51747
Apache James SMTP server is affected in versions prior to 3.8.1 and 3.7.5. The root cause is lenient line-delimiter handling, which can enable SMTP smuggling by causing differences in interpretation between sender and receiver, potentially bypassing SPF checks. The fix enforces CRLF as the line d...
CVE-2024-26468
CVE-2024-26468 describes a DOM-based XSS in the jstrieb/urlpages project, affecting the code path in the index.html component prior to commit 035b647. An attacker can trigger arbitrary JavaScript by sending a crafted URL. The available sources consistently cite the same issue without extending in...
CVE-2024-35554
idccms v1.35 is affected by a Cross-Site Request Forgery (CSRF) in the admin component /admin/infoWeb_deal.php?mudi=del&dataType=newsWeb&dataTypeCN. The underlying issue involves CSRF in the /admin/infoWeb_deal.php path with parameters mudi, dataType, and dataTypeCN that enables unauthorized acti...
CVE-2024-26608
The CVE-2024-26608 entry describes a Linux kernel ksmbd_nl_policy out-of-bounds read that was addressed by a patch to fix a global oob in ksmbd_nl_policy. The bug manifested as a read of size 1 at a netlink attribute parsing path, with the faulting address located in ksmbd_nl_policy+0x100/0xa80 a...
CVE-2023-4826
The vulnerability CVE-2023-4826 affects the SocialDriver WordPress theme, specifically versions prior to 2024. It is a prototype pollution issue that could allow an attacker to inject arbitrary properties, leading to cross-site scripting (XSS). The root cause is a pollution of object properties i...
CVE-2022-20655
CVE-2022-20655 describes a CLI command-injection vulnerability in ConfD on Cisco devices. It results from insufficient validation of a process argument in the CLI, enabling an authenticated, local attacker to inject commands during execution and potentially run arbitrary commands with the privile...
CVE-2024-25369
This CVE concerns FUEL CMS 1.5.2, where a reflected XSS flaw exists in the group_id parameter that can allow an attacker to execute arbitrary code. The descriptions consistently attribute the issue to FUEL CMS 1.5.2 and do not provide concrete mitigation steps or a confirmed patched version withi...
CVE-2023-52368
CVE-2023-52368 is linked to Huawei HarmonyOS/EMUI via CNVD/CNNVD references. The vulnerability is described as an input verification flaw in the Accounts module that can cause features to behave abnormally and, per CNVD, may lead to a denial-of-service condition. The NVD entry lists a network-bas...
CVE-2024-41035
CVE-2024-41035 (Linux kernel USB core): A duplicate-endpoint bug in usbcore was caused by assuming bEndpointAddress reserved bits are always 0, making endpoint_is_duplicate() misclassify descriptors that share direction and endpoint number. The fix clears the reserved bits when parsing endpoint ...
CVE-2024-0407
The CVE concerns HP Enterprise LaserJet and HP LaserJet Managed Printers. Affected component: the device’s certificate store used for outbound connections to services enabled by some solutions. Root cause: connections may have been trusted without the appropriate CA certificate, leading to inform...
CVE-2024-2301
CVE-2024-2301 concerns HP LaserJet Pro devices vulnerable to Cross-Site Scripting (XSS) via the web management interface. Evidence across multiple feeds indicates a web-based XSS weakness in HP LaserJet Pro printers, with the underlying issue described as an XSS vulnerability in the device’s web ...
CVE-2019-9513
CVE-2019-9513 (and related HTTP/2 CVEs) affect nginx and nghttp2. The issues enable denial of service via HTTP/2 resource loops and priority/window manipulation, causing high CPU/memory usage. nginx 1.16.x and nghttp2 are specifically named in advisories; remediation is upgrading to fixed package...
CVE-2018-20685
CVE-2018-20685 affects OpenSSH scp client: scp.c allows remote servers to bypass access restrictions via the filename "." or an empty filename, potentially enabling modification of the client-directory permissions. Multiple advisories confirm this vulnerability and fix paths: Arch Linux ASA-20190...
CVE-2024-35560
CVE-2024-35560 affects idccms v1.35 and is a CSRF flaw in the /admin/ca_deal.php endpoint with parameters mudi=del, dataType, and dataTypeCN. The CVE documents report the vulnerability but do not provide exploit details beyond the CSRF condition; CVSSv3.1 base score is 4.3 (MEDIUM) with UI:Requir...
CVE-2024-1846
CVE-2024-1846 affects the WordPress plugin “Responsive Tabs” (versions before 4.0.7). The issue is a lack of validation/escaping of shortcode attributes, leading to Stored XSS when the shortcode is rendered in a post/page. The root cause is improper handling of attributes in the plugin’s output. ...
CVE-2024-21798
The CVE-2024-21798 issue affects ELECOM wireless LAN routers and repeater families. A cross-site scripting (XSS) vulnerability can be triggered when a malicious administrative user configures crafted content; when another admin logs in and operates the device, an arbitrary script may execute in t...
CVE-2024-26859
CVE-2024-26859: In the Linux kernel, a race in the bnx2x driver during EEH error handling could cause a read of freed memory when bnx2x_io_slot_reset() and bnx2x_nic_unload() race. The fix ensures page pool allocations are verified before freeing SGEs to prevent NULL-pointer dereferences and cras...
CVE-2024-26982
CVE-2024-26982 affects the Linux kernel Squashfs code. The vulnerability arises from an OOB read path in fill_meta_index() triggered by an inode number value of zero, which is treated as unused. After a faulty read aborts, an empty metadata index is invalidated with inode=0, and a subsequent read...
CVE-2024-1106
CVE-2024-1106 – Shariff Wrapper (WordPress): The plugin prior to 4.6.10 does not sanitize/escape certain settings, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (e.g., multisite). Reported impact includes potential XSS within outputs generated...
CVE-2024-25768
OpenDMARC 1.4.2 contains a null pointer dereference in opendmarc_policy.c, exposed as CVE-2024-25768. Reported across multiple advisories (Mageia MGASA-2024-0370; Fedora advisories FEDORA-2024-513cf04db3 and FEDORA-2024-dede8e91b1; Fedora 41/40 notes). CVSSv3.1: 7.5 (High) with network attack vec...
CVE-2024-26973
CVE-2024-26973 concerns the Linux kernel fat subsystem. The issue occurred when fat_encode_fh_nostale() encoded a file handle without a parent and stored only the first 10 bytes; since the file handle length must be a multiple of 4, the actual length is 12 bytes and the last two bytes could be un...
CVE-2024-26490
The vulnerability CVE-2024-26490 affects flusity-CMS v2.33, specifically the Addon JD Simple module. The issue is a cross-site scripting (XSS) flaw exploitable through a crafted payload entered into the Title text field of the Addon JD Simple module. The documented impact is execution of arbitrar...
CVE-2024-26862
CVE-2024-26862 — Linux kernel data race (kernel 5.x/6.x). Root cause: missing READ_ONCE()/WRITE_ONCE() annotations for ignore_outgoing reads in packet code; read/write races observed between dev_queue_xmit_nit() and packet_setsockopt(). Syzkaller/KCSAN reported a data-race affecting packet_setsock...
CVE-2024-26999
CVE-2024-26999 — Linux kernel (serial/pmac_zilog). A vulnerability in the Linux kernel’s pmac_zilog serial driver was mitigated by a patch that was later removed. The mitigation, intended to stop IRQs entirely, caused a crash when pmac_zilog is used as a serial console. Specifically, a pr_err() path...
CVE-2024-25170
Mezzanine v6.0.0 contains a vulnerability where attackers can bypass access controls by manipulating the Host header. Descriptions across Red Hat, GHSA, OSV, NVD, and related advisories consistently reference Host header-based bypass with potential unauthorized access to information or systems. T...
CVE-2014-4078
CVE-2014-4078 affects Microsoft Internet Information Services (IIS) 8.0 and 8.5. The vulnerability is in the IP Security feature, where wildcard rules in the IP Address and Domain Restrictions list are not properly processed, enabling a remote attacker to bypass the intended rule set via an HTTP ...
CVE-2024-26467
CVE-2024-26467 affects the tabatkins/railroad-diagrams project, specifically the generator.html component. A DOM-based cross-site scripting (XSS) flaw is present in versions before commit ea9a123, allowing an attacker to execute arbitrary JavaScript by sending a crafted URL. The issue is triggere...
CVE-2024-26472
KLiK SocialMediaWebsite v1.0.1 (msaad1999) is vulnerable to a reflected cross-site scripting (XSS) flaw. The issue arises when a malicious payload is supplied in the selector or validator parameters of create-new-pwd.php, enabling an attacker to execute arbitrary JavaScript in a user’s browser. T...
CVE-2024-26931
CVE-2024-26931 affects the Linux kernel driver for SCSI over Fibre Channel (scsi: qla2xxx). The issue arises when memory pressure prevents a command flush during cable pull recovery, causing the upper SCSI layer to modify scsi_cmnd improperly. When memory is freed and a subsequent cable pull trig...
CVE-2024-3594
CVE-2024-3594 concerns the IDonate WordPress plugin (≤ 1.9.0). It states that certain settings are not sanitised/escaped, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (such as in multisite). Root cause: incomplete sanitization/escaping...
CVE-2023-7202
CVE-2023-7202 affects the Fatal Error Notify WordPress plugin prior to 1.5.3. The root cause is missing authorization checks and CSRF protections in the test_error AJAX action, enabling any authenticated user (e.g., a Subscriber) to trigger error emails to the site admin. This also enables CSRF e...
CVE-2024-26872
The CVE-2024-26872 vulnerability affects the Linux kernel RDMA/srpt subsystem. A race condition allows a use-after-free situation in srpt_refresh_port() when an event handler is registered before the srpt device is fully initialized. The issue can impact confidentiality, integrity, and availabili...