Vulnerabilidades

*** Pendiente de traducción *** Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

*** Pendiente de traducción *** A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /del_curr.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

*** Pendiente de traducción *** A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this issue is some unknown functionality of the file /del_booking.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

*** Pendiente de traducción *** IBM Engineering Requirements Management DOORS Next (IBM Jazz Foundation 7.0.2 to 7.0.2 iFix034, 7.0.3 to 7.0.3 iFix016, and 7.1.0 to 7.1.0 iFix004) is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users on the host network to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

*** Pendiente de traducción *** A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /pages/save_curr.php. This manipulation of the argument currcode causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.

*** Pendiente de traducción *** A SQL Injection vulnerability exists in the edit_product.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The product_id GET parameter is unsafely passed to a SQL query without proper validation or parameterization.

*** Pendiente de traducción *** A Cross-Site Scripting (XSS) vulnerability was found in the register.php page of PuneethReddyHC Event Management System 1.0, where the event_id GET parameter is improperly handled. An attacker can craft a malicious URL to execute arbitrary JavaScript in the victim s browser by injecting code into this parameter.

*** Pendiente de traducción *** Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting (XSS) in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button.

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk<br /> <br /> When the best clk is searched, we iterate over all possible clk.<br /> <br /> If we find a better match, the previous one, if any, needs to be freed.<br /> If a better match has already been found, we still need to free the new<br /> one, otherwise it leaks.

*** Pendiente de traducción *** A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /del_room.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.

*** Pendiente de traducción *** A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /pages/save_room.php. The manipulation of the argument floorno leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> wifi: mt7601u: fix an integer underflow<br /> <br /> Fix an integer underflow that leads to a null pointer dereference in<br /> &amp;#39;mt7601u_rx_skb_from_seg()&amp;#39;. The variable &amp;#39;dma_len&amp;#39; in the URB packet<br /> could be manipulated, which could trigger an integer underflow of<br /> &amp;#39;seg_len&amp;#39; in &amp;#39;mt7601u_rx_process_seg()&amp;#39;. This underflow subsequently<br /> causes the &amp;#39;bad_frame&amp;#39; checks in &amp;#39;mt7601u_rx_skb_from_seg()&amp;#39; to be<br /> bypassed, eventually leading to a dereference of the pointer &amp;#39;p&amp;#39;, which<br /> is a null pointer.<br /> <br /> Ensure that &amp;#39;dma_len&amp;#39; is greater than &amp;#39;min_seg_len&amp;#39;.<br /> <br /> Found by a modified version of syzkaller.<br /> <br /> KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]<br /> CPU: 0 PID: 12 Comm: ksoftirqd/0 Tainted: G W O 5.14.0+<br /> #139<br /> Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS<br /> rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014<br /> RIP: 0010:skb_add_rx_frag+0x143/0x370<br /> Code: e2 07 83 c2 03 38 ca 7c 08 84 c9 0f 85 86 01 00 00 4c 8d 7d 08 44<br /> 89 68 08 48 b8 00 00 00 00 00 fc ff df 4c 89 fa 48 c1 ea 03 3c 02<br /> 00 0f 85 cd 01 00 00 48 8b 45 08 a8 01 0f 85 3d 01 00 00<br /> RSP: 0018:ffffc900000cfc90 EFLAGS: 00010202<br /> RAX: dffffc0000000000 RBX: ffff888115520dc0 RCX: 0000000000000000<br /> RDX: 0000000000000001 RSI: ffff8881118430c0 RDI: ffff8881118430f8<br /> RBP: 0000000000000000 R08: 0000000000000e09 R09: 0000000000000010<br /> R10: ffff888111843017 R11: ffffed1022308602 R12: 0000000000000000<br /> R13: 0000000000000e09 R14: 0000000000000010 R15: 0000000000000008<br /> FS: 0000000000000000(0000) GS:ffff88811a800000(0000)<br /> knlGS:0000000000000000<br /> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033<br /> CR2: 000000004035af40 CR3: 00000001157f2000 CR4: 0000000000750ef0<br /> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000<br /> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400<br /> PKRU: 55555554<br /> Call Trace:<br /> mt7601u_rx_tasklet+0xc73/0x1270<br /> ? mt7601u_submit_rx_buf.isra.0+0x510/0x510<br /> ? tasklet_action_common.isra.0+0x79/0x2f0<br /> tasklet_action_common.isra.0+0x206/0x2f0<br /> __do_softirq+0x1b5/0x880<br /> ? tasklet_unlock+0x30/0x30<br /> run_ksoftirqd+0x26/0x50<br /> smpboot_thread_fn+0x34f/0x7d0<br /> ? smpboot_register_percpu_thread+0x370/0x370<br /> kthread+0x3a1/0x480<br /> ? set_kthread_struct+0x120/0x120<br /> ret_from_fork+0x1f/0x30<br /> Modules linked in: 88XXau(O) 88x2bu(O)<br /> ---[ end trace 57f34f93b4da0f9b ]---<br /> RIP: 0010:skb_add_rx_frag+0x143/0x370<br /> Code: e2 07 83 c2 03 38 ca 7c 08 84 c9 0f 85 86 01 00 00 4c 8d 7d 08 44<br /> 89 68 08 48 b8 00 00 00 00 00 fc ff df 4c 89 fa 48 c1 ea 03 3c 02<br /> 00 0f 85 cd 01 00 00 48 8b 45 08 a8 01 0f 85 3d 01 00 00<br /> RSP: 0018:ffffc900000cfc90 EFLAGS: 00010202<br /> RAX: dffffc0000000000 RBX: ffff888115520dc0 RCX: 0000000000000000<br /> RDX: 0000000000000001 RSI: ffff8881118430c0 RDI: ffff8881118430f8<br /> RBP: 0000000000000000 R08: 0000000000000e09 R09: 0000000000000010<br /> R10: ffff888111843017 R11: ffffed1022308602 R12: 0000000000000000<br /> R13: 0000000000000e09 R14: 0000000000000010 R15: 0000000000000008<br /> FS: 0000000000000000(0000) GS:ffff88811a800000(0000)<br /> knlGS:0000000000000000<br /> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033<br /> CR2: 000000004035af40 CR3: 00000001157f2000 CR4: 0000000000750ef0<br /> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000<br /> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400<br /> PKRU: 55555554