Vulnerabilities

Unrestricted Upload of File with Dangerous Type vulnerability in SYSBASICS WooCommerce Easy Checkout Field Editor, Fees &amp; Discounts.This issue affects WooCommerce Easy Checkout Field Editor, Fees &amp; Discounts: from n/a through 3.5.12.<br /> <br />

A DOM based cross-site scripting (XSS) vulnerability in the component /beep/Beep.Instrument.js of stewdio beep.js before commit ef22ad7 allows attackers to execute arbitrary Javascript via sending a crafted URL.

A DOM based cross-site scripting (XSS) vulnerability in the component /dom/ranges/Range-test-iframe.html of web-platform-tests/wpt before commit 938e843 allows attackers to execute arbitrary Javascript via sending a crafted URL.

A DOM based cross-site scripting (XSS) vulnerability in the component generator.html of tabatkins/railroad-diagrams before commit ea9a123 allows attackers to execute arbitrary Javascript via sending a crafted URL.

A DOM based cross-site scripting (XSS) vulnerability in the component index.html of jstrieb/urlpages before commit 035b647 allows attackers to execute arbitrary Javascript via sending a crafted URL.

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP<br /> <br /> If the external phy working together with phy-omap-usb2 does not implement<br /> send_srp(), we may still attempt to call it. This can happen on an idle<br /> Ethernet gadget triggering a wakeup for example:<br /> <br /> configfs-gadget.g1 gadget.0: ECM Suspend<br /> configfs-gadget.g1 gadget.0: Port suspended. Triggering wakeup<br /> ...<br /> Unable to handle kernel NULL pointer dereference at virtual address<br /> 00000000 when execute<br /> ...<br /> PC is at 0x0<br /> LR is at musb_gadget_wakeup+0x1d4/0x254 [musb_hdrc]<br /> ...<br /> musb_gadget_wakeup [musb_hdrc] from usb_gadget_wakeup+0x1c/0x3c [udc_core]<br /> usb_gadget_wakeup [udc_core] from eth_start_xmit+0x3b0/0x3d4 [u_ether]<br /> eth_start_xmit [u_ether] from dev_hard_start_xmit+0x94/0x24c<br /> dev_hard_start_xmit from sch_direct_xmit+0x104/0x2e4<br /> sch_direct_xmit from __dev_queue_xmit+0x334/0xd88<br /> __dev_queue_xmit from arp_solicit+0xf0/0x268<br /> arp_solicit from neigh_probe+0x54/0x7c<br /> neigh_probe from __neigh_event_send+0x22c/0x47c<br /> __neigh_event_send from neigh_resolve_output+0x14c/0x1c0<br /> neigh_resolve_output from ip_finish_output2+0x1c8/0x628<br /> ip_finish_output2 from ip_send_skb+0x40/0xd8<br /> ip_send_skb from udp_send_skb+0x124/0x340<br /> udp_send_skb from udp_sendmsg+0x780/0x984<br /> udp_sendmsg from __sys_sendto+0xd8/0x158<br /> __sys_sendto from ret_fast_syscall+0x0/0x58<br /> <br /> Let&amp;#39;s fix the issue by checking for send_srp() and set_vbus() before<br /> calling them. For USB peripheral only cases these both could be NULL.

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ext4: regenerate buddy after block freeing failed if under fc replay<br /> <br /> This mostly reverts commit 6bd97bf273bd ("ext4: remove redundant<br /> mb_regenerate_buddy()") and reintroduces mb_regenerate_buddy(). Based on<br /> code in mb_free_blocks(), fast commit replay can end up marking as free<br /> blocks that are already marked as such. This causes corruption of the<br /> buddy bitmap so we need to regenerate it in that case.

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, specially crafted traffic can cause a heap use after free if the ruleset uses the http.request_header or http.response_header keyword. The vulnerability has been patched in 7.0.3. To work around the vulnerability, avoid the http.request_header and http.response_header keywords.

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.

Unrestricted Upload of File with Dangerous Type vulnerability in bPlugins LLC Icons Font Loader.This issue affects Icons Font Loader: from n/a through 1.1.4.<br /> <br />

Cross Site Scripting vulnerability in ITFlow.org before commit v.432488eca3998c5be6b6b9e8f8ba01f54bc12378 allows a remtoe attacker to execute arbitrary code and obtain sensitive information via the settings.php, settings+company.php, settings_defaults.php,settings_integrations.php, settings_invoice.php, settings_localization.php, settings_mail.php components.

flusity-CMS 2.33 is vulnerable to Unrestricted Upload of File with Dangerous Type in update_setting.php.