182 matches found
EUVD-2026-0216
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2024-0216
Malicious code in bioql PyPI...
CVE-2020-0216
In phNciNfcRecvMfResp of phNxpExtnsMifareStd.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...
CVE-2022-0216 affecting package qemu-kvm 4.2.0-48
CVE-2022-0216 affecting package qemu-kvm 4.2.0-48. No patch is available currently...
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UINT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System [CVE-2022-4450, CVE-2023-0216, CVE-2023-0401, CVE-2022-4203, CVE-2023-0217]
Summary: Red Hat provided OpenSSL is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVEs: CVE-2022-4450, CVE-2023-0216, CVE-2023-0401, CVE-2022-4203, CVE-2023-0217. Vulnerability Details: CVEID: CVE-2022-4450. DESCRIPTION: OpenSSL is vulnerable to a...
Photon OS 5.0: Expat PHSA-2024-5.0-0216
An update of the expat package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0216. The text itself is copyright (C) VMware, Inc...
Photon OS 2.0: Yarn PHSA-2020-2.0-0216
An update of the yarn package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0216. The text itself is copyright (C) VMware, Inc...
SUSE: Security Advisory (SUSE-SU-2024:1395-1)
The remote host is missing an update for the...
CVE-2024-0216
The Google Doc Embedder plugin for WordPress is vulnerable to Server Side Request Forgery via the 'gview' shortcode in versions up to, and including, 2.6.4. This can allow authenticated attackers with contributor-level permissions or above to make web requests to arbitrary locations originating...
CVE-2024-0216
The CVE-2024-0216 entry for Google Doc Embedder (WordPress) is an SSRF vulnerability in the gview shortcode present in WordPress plugin versions up to 2.6.4. Reported impact states that authenticated users with contributor permissions can cause the application to make outbound requests to arbitrar...
CVE-2024-0216 Google Doc Embedder <= 2.6.4 - Authenticated (Contributor+) Blind Server Side Request Forgery
The Google Doc Embedder plugin for WordPress is vulnerable to Server Side Request Forgery via the 'gview' shortcode in versions up to, and including, 2.6.4. This can allow authenticated attackers with contributor-level permissions or above to make web requests to arbitrary locations originating...
WordPress Google Document Embedder Plugin <= 2.6.4 is vulnerable to Server Side Request Forgery (SSRF)
Software: Google Document Embedder; Type: Plugin; Vulnerable versions: <= 2.6.4; Fixed in: N/A; OWASP Top 10: A1: Injection; Classification: Server Side Request Forgery (SSRF); CVE: CVE-2024-0216; Patch priority: Low; CVSS severity: Low (4.9); PSID: bfeba1aa8dc2; Credits: István Márton; Required...
SUSE-SU-2024:1395-1 Security update for qemu
This update for qemu fixes the following issues: - CVE-2021-3750: Fixed DMA reentrancy issue that could lead to use-after-free (bsc#1190011) - CVE-2022-0216: Fixed use-after-free in lsi_do_msgout function in hw/scsi/lsi53c895a.c (bsc#1198038) - CVE-2023-0330: Fixed DMA reentrancy issue that could lead to...
openSUSE: Security Advisory for openssl (SUSE-SU-2023:0312-1)
The remote host is missing an update for the...
Siemens SCALANCE OpenSSL NULL Pointer Dereference (CVE-2023-0216)
An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in...
Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware
Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector. The DanaBot infections led to "hands-on-keyboard activity by ransomware operator Storm-0216 (Twisted Spider, UNC2198), culminating in the deployment of...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Observability with Instana (Agent container image)
Summary: OpenSSL is used by IBM Observability with Instana Self-hosted on Docker as part of its container images. CVE-2023-0286, CVE-2022-4304, CVE-2023-0215, CVE-2022-4450, CVE-2022-4203, CVE-2023-0216, CVE-2023-0217, CVE-2023-0401. Vulnerability Details: CVEID: CVE-2023-0286. DESCRIPTION: OpenSSL i...
Security Bulletin: IBM App Connect Enterprise Certified Container Dashboard operands are vulnerable to denial of service and loss of confidentiality due to multiple vulnerabilities
Summary: OpenSSL is present in the IBM App Connect Enterprise Certified Container Dashboard operand image. OpenSSL is vulnerable to denial of service and loss of confidentiality. This bulletin provides patch information to address the reported vulnerability in OpenSSL. CVE-2023-0217, CVE-2023-1255...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Tivoli Netcool System Service Monitors/Application Service Monitors (CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2022-4450, CVE-2023-0216, CVE-2023-0401, CVE-2022-4203, CVE-2023-0217)
Summary: There is a security advisory for OpenSSL 1.0.2r, which is used by IBM Tivoli Netcool System Service Monitors/Application Service Monitors 4.0.1. Vulnerability Details: CVEID: CVE-2022-4450. DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error related to the...