TencentOS Server 4: libsolv (TSSA-2026:0423)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0423 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
AlmaLinux 10 : libsoup3 (ALSA-2026:0423)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:0423 advisory. libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins) (CVE-2025-14523). Tenable has extracted the preceding...
RockyLinux 10 : libsoup3 (RLSA-2026:0423)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0423 advisory. libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins) (CVE-2025-14523). Tenable has extracted the preceding...
Oracle Linux 10 : libsoup3 (ELSA-2026-0423)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0423 advisory: fix CVE-2025-14523; add patch for CVE-2025-12105. Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...
EUVD-2026-0423
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
Linux Distros Unpatched Vulnerability : CVE-2020-0423
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel wit...
Linux Distros Unpatched Vulnerability : CVE-2013-0423
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to...
CVE-2025-0423
In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users on the server by injecting JavaScript code into their...
CVE-2025-0423 Multiple Unauthenticated Stored Cross-Site Scripting
In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users on the server by injecting JavaScript code into their...
CVE-2025-0423
Cordaware bestinformed Web is affected by CVE-2025-0423 due to improper sanitization of user input, enabling unauthenticated stored cross-site scripting. The vulnerability allows an attacker to inject JavaScript into user sessions and potentially abuse user privileges on the application. The affe...
Photon OS 4.0: Gdk PHSA-2023-4.0-0423
An update of the gdk package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0423. The text itself is copyright (C) VMware, Inc....
openSUSE: Security Advisory for aws (SUSE-SU-2023:0423-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SUSE: Security Advisory (SUSE-SU-2024:0423-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
RHEL 8 : samba (RHSA-2024:0423)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0423 advisory. Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol,...
CVE-2024-0423
creationtimestamp | type | source
---|---|---
2024-01-11 21:26:52+00:00 | seen | https://t.me/ctinow/166849
2024-01-30 14:41:51+00:00 | seen | https://t.me/ctinow/175939
2025-05-14 18:31:57+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/16361

...
CVE-2024-0423
CVE-2024-0423 affects CodeAstro Online Food Ordering System v1.0. The vulnerability is in the dishes.php functionality, where manipulation of the res_id parameter causes cross-site scripting. It may be exploited remotely and the public exploit has been disclosed. Remediation details are not provi...
CVE-2023-0423
creationtimestamp | type | source
---|---|---
2023-04-10 18:32:54+00:00 | seen | https://t.me/cibsecurity/61752

...
CVE-2023-0423
CVE-2023-0423 affects the WordPress Amazon S3 Plugin for WordPress versions before 1.6. The vulnerability is a Reflected Cross‑Site Scripting caused by insufficient sanitization/escaping of a parameter before it is echoed back on the page, which could be exploited against high‑privilege users suc...
SUSE CVE-2013-0423
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs...