AlmaLinux 8 : openssl (ALSA-2026:0337)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:0337 advisory. openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Tenable has extracted the preceding description block directly from the AlmaLinux security...

RockyLinux 8 : openssl (RLSA-2026:0337)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0337 advisory. openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Tenable has extracted the preceding description block directly from the RockyLinux securi...

CVE-2021-0337

In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-...

CVE-1999-0337

AIX batch queue bsh allows local and remote users to gain additional privileges when network printing is enabled...

EUVD-2026-0337

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

Linux Distros Unpatched Vulnerability : CVE-2017-0337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the...

CVE-2024-0337

The Travelpayouts: All Travel Brands in One Place WordPress plugin through 1.1.15 is vulnerable to Open Redirect due to insufficient validation on the travelpayoutsredirect variable. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can...

CVE-2023-0337

Cross-site Scripting XSS - Reflected in GitHub repository lirantal/daloradius prior to master-branch...

CVE-2019-0337

Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting XSS vulnerability...

ServiceNow Platform Authorization Bypass (CVE-2025-0337)

ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access data stored within the Now Platform that the user otherwise would not be...

CVE-2025-0337

ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access unauthorized data stored within the Now Platform that the user otherwise wou...

CVE-2025-0337

creationtimestamp| type| source ---|---|--- 2025-03-06 16:33:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6696 2025-03-06 19:41:40+00:00| seen| https://t.me/cvedetector/19721 2025-03-06 19:54:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljqbkhq2j22y 2025-03-08...

CVE-2025-0337

CVE-2025-0337 describes an authorization bypass in the Now Platform (Washington release) where an authenticated user could access data they are not entitled to. The vulnerability is addressed via patches and a family release made available to hosted and self-hosted customers and partners. Connect...

Mageia: Security Advisory (MGASA-2024-0337)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-0337

creationtimestamp| type| source ---|---|--- 2024-04-13 02:22:26+00:00| seen| https://t.me/arpsyndicate/4633 2024-05-14 00:33:47+00:00| published-proof-of-concept| https://t.me/CNArsenal/2476...

WordPress Travelpayouts Plugin <= 1.1.16 is vulnerable to Open Redirection

Software Travelpayouts Type Plugin Vulnerable versions = 1.1.16 Fixed in 1.1.17 OWASP Top 10 A1: Injection Classification Open Redirection CVE CVE-2024-0337 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 22ec7383525a Credits Krzysztof Zając CERT PL Required privilege...

CVE-2024-0337

CVE-2024-0337 corresponds to an Open Redirect vulnerability in the Travelpayouts: All Travel Brands in One Place WordPress plugin. Connected data shows the issue arises from insufficient validation of the travelpayouts_redirect variable, enabling unauthenticated attackers to steer users to potent...

CVE-2024-0337 Travelpayouts <= 1.1.15 - Open Redirect

The Travelpayouts: All Travel Brands in One Place WordPress plugin through 1.1.15 is vulnerable to Open Redirect due to insufficient validation on the travelpayoutsredirect variable. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can...

Important: Red Hat Security Advisory: RHACS 4.2 security update

Updated images are now available for Red Hat Advanced Cluster Security 4.2.4. The updated images includes security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Rocky Linux 9 : expat (RLSA-2023:0337)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:0337 advisory. - In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory...