An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

In CloudPanel before 2.3.1, insecure file upload leads to privilege escalation and authentication bypass.

Kanboard is project management software that focuses on the Kanban methodology. In versions prior to 1.2.31, an authenticated user is able to perform a SQL injection, leading to a privilege escalation or loss of confidentiality. It appears that in some insert and update operations, the code improperly uses the PicoDB library to update/insert new information. Version 1.2.31 contains a fix for this issue.

pacparser_find_proxy in Pacparser before 1.4.2 allows JavaScript injection, and possibly privilege escalation, when the attacker controls the URL (which may be realistic within enterprise security products).