MiracleLinux 4 : qt-4.6.2-26.AXS4 (AXSA:2013-282:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-282:01 advisory. Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. Security issues fixed with thi...

MiracleLinux 4 : jakarta-taglibs-standard-1.1.1-11.7.0.1.AXS4 (AXSA:2015-477:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-477:01 advisory. This package contains Jakarta Taglibs's open-source implementation of the JSP Standard Tag Library JSTL, version 1.1. JSTL is a standard under the Java...

TencentOS Server 3: microcode_ctl (TSSA-2022:0254)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0254 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2020-0254

There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152647751...

CVE-2012-0254

Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Process Solutions HPS Experion R2xx, R30x, R31x, and R400.x; Honeywell Building Solutions HBS Enterprise Building Manager R400 and R410.1; and Honeywell Environmental Combustion and Controls ECC Symmetr...

CVE-2025-0254

creationtimestamp| type| source ---|---|--- 2025-03-20 14:45:22+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114195295182774871 2025-03-20 15:18:11+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8200 2025-03-20 17:08:52+00:00| seen|...

CVE-2025-0254

HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle MitM attacks prior to 9.5 CF226. An attacker could intercept and potentially alter communication between two parties...

CVE-2025-0254 HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226.

HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle MitM attacks prior to 9.5 CF226. An attacker could intercept and potentially alter communication between two parties...

Linux Distros Unpatched Vulnerability : CVE-2015-0254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity XXE attacks via a crafted XSLT extension i...

CVE-2024-0254

creationtimestamp| type| source ---|---|--- 2024-02-21 08:06:53+00:00| seen| https://t.me/ctinow/189304...

CVE-2024-0254

The Simply Guest Author Name plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post meta in all versions up to, and including, 4.34 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-0254 (Simply) Guest Author Name <= 4.34 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Simply Guest Author Name plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post meta in all versions up to, and including, 4.34 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-0254

CVE-2024-0254 affects the WordPress plugin (Simply) Guest Author Name, vulnerable up to version 4.34 due to insufficient input sanitization and output escaping in post meta. This enables stored cross-site scripting by authenticated users with contributor-level permissions (or higher) and page loa...

RHSA-2024:0254

creationtimestamp| type| source ---|---|--- 2024-01-15 17:21:11+00:00| seen| https://t.me/ctinow/168457...

Security Bulletin: OpenSource Apache Taglibs Vulnerability affects IBM Jazz Reporting Service (CVE-2015-0254)

Summary Apache Standard Taglibs could allow a remote attacker to execute arbitrary code on the system, caused by an XML External Entity Injection XXE error when processing XML data. Vulnerability Details CVEID:CVE-2015-0254 DESCRIPTION: Apache Standard Taglibs could allow a remote attacker to...

Debian: Security Advisory (DLA-210-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2003-0254

Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service CPU consumption by infinite loop when the FTP proxy server fails to create an IPv6 socket...

SUSE CVE-2013-0254

The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions world-readable and world-writable for shared memory segments, which allows local users to read sensitive information or modify critical program data, as demonstrat...

CVE-2023-0254

creationtimestamp| type| source ---|---|--- 2023-01-12 20:30:21+00:00| seen| https://t.me/cibsecurity/56439...

CVE-2023-0254 Simple Membership WP user Import <= 1.7 - Authenticated (Admin+) SQL Injection

The Simple Membership WP user Import plugin for WordPress is vulnerable to SQL Injection via the ‘orderby’ parameter in versions up to, and including, 1.7 due to insufficient escaping on the user supplied parameter. This makes it possible for authenticated attackers with administrative privileges...