Security Vulnerabilities - CVEs Published In May 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. A problem with the processing logic for Discord Integrations Chat Messages can lead to a regular expression DoS attack on the server.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-05-14
The ShopLentor (formerly WooLentor) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the purchased_new_products function in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to view all products purchased in the past week, along with the users that purchased them.
CVSS Score
5.3
EPSS Score
0.004
Published
2024-05-14
The Save as PDF Plugin by Pdfcrowd WordPress plugin before 3.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVSS Score
4.8
EPSS Score
0.002
Published
2024-05-14
The WindowManager module has a vulnerability in permission control.
Impact: Successful exploitation of this vulnerability may affect confidentiality.
CVSS Score
6.2
EPSS Score
0.001
Published
2024-05-14
Race condition vulnerability in the soundtrigger module
Impact: Successful exploitation of this vulnerability will affect availability.
CVSS Score
4.1
EPSS Score
0.0
Published
2024-05-14
Privilege escalation vulnerability in the PMS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-05-14
In the Linux kernel, the following vulnerability has been resolved:
io_uring/af_unix: disable sending io_uring over sockets
File reference cycles have caused lots of problems for io_uring
in the past, and it still doesn't work exactly right and races with
unix_stream_read_generic(). The safest fix would be to completely
disallow sending io_uring files via sockets via SCM_RIGHT, so there
are no possible cycles invloving registered files and thus rendering
SCM accounting on the io_uring side unnecessary.
CVSS Score
4.7
EPSS Score
0.001
Published
2024-05-14
In the Linux kernel, the following vulnerability has been resolved:
usb: aqc111: check packet for fixup for true limit
If a device sends a packet that is inbetween 0
and sizeof(u64) the value passed to skb_trim()
as length will wrap around ending up as some very
large value.
The driver will then proceed to parse the header
located at that position, which will either oops or
process some random value.
The fix is to check against sizeof(u64) rather than
0, which the driver currently does. The issue exists
since the introduction of the driver.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-05-14
In the Linux kernel, the following vulnerability has been resolved:
io_uring: drop any code related to SCM_RIGHTS
This is dead code after we dropped support for passing io_uring fds
over SCM_RIGHTS, get rid of it.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-05-14
Double-free vulnerability in the RSMC module
Impact: Successful exploitation of this vulnerability will affect availability.
CVSS Score
4.7
EPSS Score
0.0
Published
2024-05-14