CVE-2023-2010
published 2023-07-04CVE-2023-2010: The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information…
PriorityP411low3.1CVSS 3.1
AVNACHPRLUINSUCNILAN
EPSS
0.36%
27.8th percentile
The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. This leads to a Race Condition that may allow a single user to vote multiple times on a poll.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| incsub | forminator | < 1.24.1 | 1.24.1 |
CVSS provenance
nvdv3.13.1LOWCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
cisa7.8HIGH
vendor_redhat7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mpfv-fqq5-66mx: The Forminator WordPress plugin before 1
ghsa_unreviewed·2023-07-04
CVE-2023-2010 [LOW] CWE-362 GHSA-mpfv-fqq5-66mx: The Forminator WordPress plugin before 1
The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. This leads to a Race Condition that may allow a single user to vote multiple times on a poll.
Red Hat
kernel: nubus: Partially revert proc_create_single_data() conversion
vendor_redhat·2025-09-15·CVSS 7.8
CVE-2023-53217 [HIGH] kernel: nubus: Partially revert proc_create_single_data() conversion
kernel: nubus: Partially revert proc_create_single_data() conversion
In the Linux kernel, the following vulnerability has been resolved:
nubus: Partially revert proc_create_single_data() conversion
The conversion to proc_create_single_data() introduced a regression
whereby reading a file in /proc/bus/nubus results in a seg fault:
# grep -r . /proc/bus/nubus/e/
Data read fault at 0x00000020 in Super Data (pc=0x1074c2)
BAD KERNEL BUSERR
Oops: 00000000
Modules linked in:
PC: [] PDE_DATA+0xc/0x16
SR: 2010 SP: 38284958 a2: 01152370
d0: 00000001 d1: 01013000 d2: 01002790 d3: 00000000
d4: 00000001 d5: 0008ce2e a0: 00000000 a1: 00222a40
Process grep (pid: 45, task=142f8727)
Frame format=B ssw=074d isc=2008 isb=4e5e daddr=00000020 dobuf=01199e70
baddr=001074c8 dibuf=ffffffff ver=f
Stack from 01199
Palo Alto
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-09-04·CVSS 6.0
CVE-2022-22965 [MEDIUM] PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2010-1622, CVE-2015-7552, CVE-2018-16840, CVE-2019-7639, CVE-2020-17049, CVE-2020-7774, CVE-2021-0131, CVE-2021-0132, CVE-2021-0133, CVE-2021-0134, CVE-2021-4044, CVE-2021-4160, CVE-2021-41773, CVE-2022-1343, CVE-2022-21449, CVE-2022-2274, CVE-2022-22963, CVE-2022-22965, CVE-2022-24697, CVE-2022-32207, CVE-2022-3358, CVE-2022-3996, CVE-2022-40664, CVE-2022-44792, CVE-2022-44793, CVE-2023-1255, CVE-2023-22809, CVE-2023-23919, CVE-2023-3341, CVE-2023-4236, CVE-2023-4863, CVE-2023-51767
Affected products: PAN-OS
Red Hat
vim: use after free
vendor_redhat·2023-10-10·CVSS 7.8
CVE-2023-5535 [HIGH] CWE-416 vim: use after free
vim: use after free
Use After Free in GitHub repository vim/vim prior to v9.0.2010.
A heap-based buffer overflow vulnerability was found in some affected packages of Vim. This flaw allows an attacker to send a specially crafted file that could lead to a complete system compromise when opened by a victim.
Statement: Red Hat Product Security has rated this issue as having a Low security impact, because the "victim" has to run an untrusted file IN SCRIPT MODE. Someone who is running untrusted files in script mode is equivalent to someone just taking a random python script and running it.
Since Red Hat Enterprise Linux 6, 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity
CISA
Linux Kernel Improper Input Validation Vulnerability
cisa·2023-05-12·CVSS 7.8
CVE-2010-3904 [HIGH] CWE-20 Linux Kernel Improper Input Validation Vulnerability
Vulnerability: Linux Kernel Improper Input Validation Vulnerability
Affected: Linux Kernel
Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
Required Action: The impacted product is end-of-life and should be disconnected if still in use.
Notes: https://lkml.iu.edu/hypermail/linux/kernel/1601.3/06474.html; https://nvd.nist.gov/vuln/detail/CVE-2010-3904
Remediation Due Date: 2023-06-02
Red Hat
exim: hard-link following vulnerability in mailbox handling
vendor_redhat·2010-06-03·CVSS 4.4
CVE-2010-2023 [MEDIUM] exim: hard-link following vulnerability in mailbox handling
exim: hard-link following vulnerability in mailbox handling
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
Statement: The Red Hat Security Response Team has rated this issue as having low security impact. By default, /var/spool/mail/ is not provided with permissions to make an attack scenario possible, and there is no reason for permissions to be relaxed in such a way as to make it possible. We therefore have no plans to fix this flaw in Red Hat Enterprise Linux 4 or 5.
Package: exim (Red Hat Enterprise Linux 4) - Affected
Package: exim (Red Hat Enterp
Suricata
ET WEB_SPECIFIC_APPS Joomla! SQL Injection Attempt -- categories.php text SELECT
suricata·2010-07-30
CVE-2007-0373 ET WEB_SPECIFIC_APPS Joomla! SQL Injection Attempt -- categories.php text SELECT
ET WEB_SPECIFIC_APPS Joomla! SQL Injection Attempt -- categories.php text SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Joomla! SQL Injection Attempt -- categories.php text SELECT"; flow:established,to_server; http.uri; content:"/plugins/search/categories.php?"; nocase; content:"text="; nocase; content:"SELECT"; nocase; content:"FROM"; nocase; distance:0; reference:cve,2007-0373; reference:url,www.securityfocus.com/bid/22122; classtype:web-application-attack; sid:2005438; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, cve CVE_2007_0373, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2023_06_05, mitre_tactic_id TA0001, mitre_tactic_name
No public exploits indexed.
Bugzilla
CVE-2010-4554 CVE-2010-4555 CVE-2011-2023 squirrelmail various flaws [epel-6]
bugzilla·2011-07-12·CVSS 4.3
CVE-2010-4554 [MEDIUM] CVE-2010-4554 CVE-2010-4555 CVE-2011-2023 squirrelmail various flaws [epel-6]
CVE-2010-4554 CVE-2010-4555 CVE-2011-2023 squirrelmail various flaws [epel-6]
epel-6 tracking bug for squirrelmail: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
Discussion:
Adding parent bug CVE-2010-4555
New bodhi update url:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=720693,720694
---
Adding parent bug CVE-2011-2023
New bodhi update url:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=720693,720694,720695
---
in git, but epel buildroot seems broken right now
---
This was fixed a long time ago.
Bugzilla
CVE-2010-2023 exim: hard-link following vulnerability in mailbox handling
bugzilla·2010-06-03·CVSS 4.4
CVE-2010-2023 [MEDIUM] CVE-2010-2023 exim: hard-link following vulnerability in mailbox handling
CVE-2010-2023 exim: hard-link following vulnerability in mailbox handling
Dan Rosenberg reported that when exim is used with a world-writable mail directory, with the sticky-bit set, local users could create hard-links to other non-root users' files in the mailbox storage directory, causing files to be overwritten upon mail delivery. This could be used to create a denial of service condition or potentially escalate privileges to those of targeted users.
Further information is available from the upstream bug report [1] and this has been fixed upstream in exim 4.72 [2].
[1] http://bugs.exim.org/show_bug.cgi?id=988
[2] http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.24&r2=1.25
The /var/spool/mail directory on Red Hat Enterprise Linux and Fedora is mode 0755 and o
2023-07-04
Published