CVE-2026-0094

creationtimestamp| type| source ---|---|--- 2026-06-01 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/android-multiple-vulnerabilities20260602 2026-06-02 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/samsung-products-multiple-vulnerabilities20260603...

CVE-2021-0094

Improper link resolution before file access in IntelR DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access...

CuPs (>=0.0.0 <=0.0.5), IF (=0.0.0) +44 more potentially affected by unknown CVE via unic-ucd-category (>=0.5.0 <=0.9.0)

unic-ucd-category CARGO version =0.5.0, =0.0.0, =1.11.3, =0.3.0, =0.3.0, =0.0.102, =0.1.0, =0.0.7, =1.0.0, =0.0.1, =1.0.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0094...

TencentOS Server 3: postgresql-jdbc (TSSA-2024:0094)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0094 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2023-0094

The UpQode Google Maps WordPress plugin through 1.0.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2020-0094

In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

Mageia: Security Advisory (MGASA-2025-0094)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-0094

creationtimestamp| type| source ---|---|--- 2025-02-03 19:33:09+00:00| seen| https://vulnerability.circl.lu/bundle/cf59c148-4047-4ccd-8ba0-26fb7197899c...

CVE-2024-0094 CVE

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where an untrusted guest VM can cause improper control of the interaction frequency in the host. A successful exploit of this vulnerability might lead to denial of service...

Security Updates for Microsoft Visio Products (February 2024)

The Microsoft Visio Products are missing a security update. They are, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for this issue but has instead...

Security Updates for Microsoft PowerPoint Products (February 2024)

The Microsoft PowerPoint Products are missing a security update. They are, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for this issue but has instea...

CVE-2023-0094

creationtimestamp| type| source ---|---|--- 2024-01-24 17:16:57+00:00| seen| https://t.me/ctinow/172928 2024-02-06 09:41:29+00:00| seen| https://t.me/ctinow/179857...

CVE-2023-0094

The UpQode Google Maps WordPress plugin through 1.0.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-0094

The CVE-2023-0094 entry pertains to the UpQode Google Maps WordPress plugin (versions 1.0.0–1.0.5). The issue is that the plugin does not validate or escape certain shortcode attributes before echoing them in pages/posts where the shortcode is embedded, enabling Stored XSS for users with the cont...

CVE-2023-0094 UpQode Google Maps <= 1.0.5 - Contributor+ Stored XSS

The UpQode Google Maps WordPress plugin through 1.0.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

Security Bulletin: Security bypass vulnerability in SAN Volume Controller and Storwize Family (CVE-2014-0094)

Summary Apache Struts ParametersInterceptor security bypass Vulnerability Details CVEID: CVE-2014-0094 DESCRIPTION: Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in ParametersInterceptor. An attacker could exploit this vulnerability using the clas...

Mageia: Security Advisory (MGASA-2023-0094)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress UpQode Google Maps Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software UpQode Google Maps Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0094 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 983dbcd3ed03 Credits Lana Codes Requir...

SUSE SLES12 Security Update : python36-setuptools (SUSE-SU-2023:0094-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0094-1 advisory. - Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted packag...

GHSA-PRJV-JJ26-WF8H ClassLoader manipulation in Apache Struts

ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for...