EUVD-2026-0380

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

CVE-2021-0380

In onReceive of DcTracker.java, there is a possible way to trigger a provisioning URL and modify other telephony settings due to a missing permission check. This could lead to local escalation of privilege during the onboarding flow with no additional execution privileges needed. User interaction...

CVE-2020-0380

In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0...

CVE-2019-0380

Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters’ default values to be part of the application logs leading to Information Disclosure...

crypt_guard (>=0.1.4 <=1.3.6), crypt_guard_kyber (>=0.1.1 <=0.1.2) +14 more potentially affected by unknown CVE via pqcrypto-dilithium (>=0.1.1 <=0.5.0)

pqcrypto-dilithium CARGO version =0.1.1, =0.1.4, =0.1.1, =0.1.0, =0.1.1, =0.0.1, =0.6.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =2.0.0, =2.1.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0380...

Photon OS 3.0: Vim PHSA-2022-3.0-0380

An update of the vim package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0380. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid20408...

Photon OS 4.0: Redis PHSA-2023-4.0-0380

An update of the redis package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0380. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Bluez PHSA-2023-4.0-0380

An update of the bluez package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0380. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2024-0380

creationtimestamp| type| source ---|---|--- 2024-02-05 23:31:28+00:00| seen| https://t.me/ctinow/179598 2024-02-12 07:36:24+00:00| seen| https://t.me/ctinow/182925...

CVE-2024-0380

The CVE-2024-0380 entry concerns WP Recipe Maker for WordPress, where Directory Traversal was possible in all versions up to 9.1.0 via the icon attribute in Shortcodes. Authenticated attackers with contributor-level access and above could include SVG file contents from the server, enabling Cross-...

CVE-2023-0380

CVE-2023-0380 affects Easy Digital Downloads WordPress plugin versions before 3.1.0.5. The issue arises from insufficient validation/escaping of certain block options when they are output in a page/post where the block is embedded, enabling Stored Cross-Site Scripting by users with the contributo...

CVE-2023-0380 Easy Digital Downloads < 3.1.0.5 - Contributor+ Stored XSS

The Easy Digital Downloads WordPress plugin before 3.1.0.5 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

SUSE CVE-2017-0380

The rendserviceintroestablished function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x before 0.2.9.12, 0.3.0.x before 0.3.0.11, 0.3.1.x before 0.3.1.7, and 0.3.2.x before 0.3.2.1-alpha, when SafeLogging is disabled, allows attackers to obtain sensitive information by leveraging access to t...

WordPress Easy Digital Downloads Plugin < 3.1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Easy Digital Downloads Type Plugin Vulnerable versions 3.1.0.5 Fixed in 3.1.0.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0380 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 553ace90a817 Credits István...

Important: Red Hat Security Advisory: libXpm security update

An update for libXpm is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...

Mageia: Security Advisory (MGASA-2022-0380)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important Photon OS Security Update - PHSA-2022-3.0-0380

Updates of 'vim' packages of Photon OS have been released...

CVE-2022-0380

The Fotobook WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping and the use of $SERVER'PHPSELF' found in the /options-fotobook.php file which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 3.2.3...

CVE-2022-0380 Fotobook <= 3.2.3 Reflected Cross-Site Scripting

The Fotobook WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping and the use of $SERVER'PHPSELF' found in the /options-fotobook.php file which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 3.2.3...

CVE-2022-0380

The CVE-2022-0380 entry concerns the Fotobook WordPress plugin (vulnerable through 3.2.3) with a Reflected Cross‑Site Scripting flaw. The root cause is insufficient escaping and the use of $_SERVER['PHP_SELF'] in ~/options-fotobook.php, enabling injection of arbitrary scripts onto the page. Affec...