ECHO-F6BC-0334-3A14

Bulletin has no description...

MiracleLinux 7 : rubygem-bundler-1.7.8-3.el7, rubygem-thor-0.19.1-1.el7 (AXSA:2015-789:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-789:01 advisory. rubygem-bundler Bundler manages an application's dependencies through its entire life, across many machines, systematically and repeatably rubygem-thor Thor i...

Mageia: Security Advisory (MGASA-2025-0334)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TencentOS Server 3: openssl (TSSA-2025:0334)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0334 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2021-0334

In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2020-0334

In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges and a Firmware compromise needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...

CVE-2019-0334

When creating a module in SAP BusinessObjects Business Intelligence Platform BI Workspace, versions 4.1, 4.2, 4.3, it is possible to store a malicious script which when executed later could potentially allow a user to escalate privileges via session hijacking. The attacker could also access other...

CVE-2023-0334

creationtimestamp| type| source ---|---|--- 2025-03-10 19:39:13+00:00| seen| Telegram/ADjrvPkT9l2tfa83HZV0tdok694wjh-MbRoUtZBYlVzdyhEn...

AlmaLinux 9 : ipa (ALSA-2025:0334)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:0334 advisory. freeipa: Administrative user data leaked through systemd journal CVE-2024-11029 Tenable has extracted the preceding description block directly from the AlmaLinux...

Oracle Linux 9 : ipa (ELSA-2025-0334)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0334 advisory. 4.12.2-1.0.1.3 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 - Add bind to ipa-server-common Requires Orabug: 36518596 4.12.2-1.3 - Resolve...

CVE-2025-0334

A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /sys/user/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-0334 leiyuxi cy-fast listData sql injection

A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /sys/user/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-0334 leiyuxi cy-fast listData sql injection

A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /sys/user/listData. The manipulation of the argument order leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-0334

The CVE-2025-0334 entry concerns leiyuxi cy-fast 1.0. The vulnerability exists in the listData function of /sys/user/listData, caused by manipulation of the argument order that leads to SQL injection. Exploring the attack surface shows a remote-executable vulnerability with publicly disclosed exp...

Important Photon OS Security Update - PHSA-2024-5.0-0334

Updates of 'python3' packages of Photon OS have been released...

Photon OS 4.0: Linux PHSA-2023-4.0-0334

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0334. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2024-0334 Jeg Elementor Kit <= 2.6.4 - Authenticated (Contributor+) Cross-Site Scripting via Elementor Widget URL Custom Attributes

The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attribute of a link in several Elementor widgets in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-0334

CVE-2024-0334 affects Jeg Elementor Kit (WordPress). The vulnerability is Stored XSS via the Elementor Widget URL Custom Attributes due to insufficient input sanitization/output escaping on user-supplied attributes; exploitable by authenticated Contributors+ to inject scripts that run when a user...

CVE-2023-0334

The ShortPixel Adaptive Images WordPress plugin before 3.6.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin...

CVE-2023-0334

CVE-2023-0334 affects the ShortPixel Adaptive Images WordPress plugin prior to 3.6.3. The issue is a Reflected Cross-Site Scripting caused by insufficient sanitisation/escaping of a parameter before it is output in the page. The vulnerability could be leveraged against high-privilege users (e.g.,...