openSUSE Security Advisory (SUSE-SU-2026:0364-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-0364

In mobilelogd, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID:...

CVE-2023-0364

The real.Kit WordPress plugin before 5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2020-0364

In libDRCdec, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-137282770...

CVE-2019-0364

Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services Advanced model, before version 1.0.118, to enumerate open ports...

CVE-2025-0364

BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through the default exposed SaaS registration mechanism. Once an administrator, the...

CVE-2025-0364

creationtimestamp| type| source ---|---|--- 2025-02-04 17:56:54+00:00| seen| https://infosec.exchange/users/cve/statuses/113946906751178412 2025-02-04 18:15:54+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhenzxr6ut2f 2025-02-04 18:48:30+00:00| seen|...

CVE-2025-0364

CVE-2025-0364 (BigAntSoft BigAnt Server) affects BigAntSoft BigAnt Server up to and including version 5.6.06. The vulnerability allows unauthenticated remote code execution via the default SaaS account registration, where an attacker can create an administrative user and then upload/execute arbit...

CVE-2025-0364 BigAntSoft BigAnt Server Account Registration Bypass to File Upload RCE

BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through the default exposed SaaS registration mechanism. Once an administrator, the...

Photon OS 5.0: Expat PHSA-2024-5.0-0364

An update of the expat package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0364. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Go PHSA-2022-3.0-0364

An update of the go package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0364. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid203817...

CVE-2024-0364 PHPGurukul Hospital Management System query-details.php sql injection

A vulnerability, which was classified as critical, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file admin/query-details.php. The manipulation of the argument adminremark leads to sql injection. The exploit has been disclosed to the public and may be...

CVE-2024-0364 PHPGurukul Hospital Management System query-details.php sql injection

A vulnerability, which was classified as critical, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file admin/query-details.php. The manipulation of the argument adminremark leads to sql injection. The exploit has been disclosed to the public and may be...

CVE-2024-0364

CVE-2024-0364 concerns PHPGurukul Hospital Management System 1.0. The vulnerability exists in the unknown portion of admin/query-details.php where the adminremark parameter is manipulated, leading to a SQL injection. The issue is described as critical with potential high impact on confidentiality...

CVE-2023-0364

The real.Kit WordPress plugin before 5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-0364 real.Kit < 5.1.1 - Contributor+ Stored XSS

The real.Kit WordPress plugin before 5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-0364

The CVE-2023-0364 issue affects real.Kit WordPress plugin prior to 5.1.1, where certain shortcode attributes are not validated/escaped before output, enabling Stored XSS for users with the contributor role and above. The vulnerability is triggered when the plugin’s shortcode is embedded in a post...

WordPress real.Kit Plugin <= 5.1.0 is vulnerable to Cross Site Scripting (XSS)

Software real.Kit Type Plugin Vulnerable versions = 5.1.0 Fixed in 5.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0364 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID fc7a1c53ac0a Credits Lana Codes Required...

Security Bulletin: Multiple vulnerabilities have been identified in Smack API shipped with IBM Tivoli Netcool Impact (CVE-2014-0363, CVE-2014-0364)

Summary Smack API is used by IBM Tivoli Netcool Impact as part of the Jabber service component. IBM Tivoli Netcool Impact has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2014-0363 DESCRIPTION: Ignite Realtime Smack API could allow a remote attacker to conduct spoofing attacks,...

WordPress Modern Events Calendar Lite Plugin Cross-Site Scripting (CVE-2022-0364)

A stored cross-site scripting vulnerability exists for the WordPress plugin Modern Events Calendar Lite. This vulnerability is due to improper input validation for multiple parameters in the Hourly Schedule section...