AlmaLinux 10 : libsoup3 (ALSA-2026:0423)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:0423 advisory. libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 Tenable has extracted the preceding...
RockyLinux 10 : libsoup3 (RLSA-2026:0423)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0423 advisory. libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 Tenable has extracted the preceding...
Oracle Linux 10 : libsoup3 (ELSA-2026-0423)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0423 advisory. - Fix CVE-2025-14523 - Add patch for CVE-2025-12105 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...
EUVD-2026-0423
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
Linux Distros Unpatched Vulnerability : CVE-2020-0423
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel wit...
Linux Distros Unpatched Vulnerability : CVE-2013-0423
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to...
CVE-2025-0423
In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users on the server by injecting JavaScript code into their...
CVE-2025-0423
Cordaware bestinformed Web is affected by CVE-2025-0423 due to improper sanitization of user input, enabling unauthenticated stored cross-site scripting. The vulnerability allows an attacker to inject JavaScript into user sessions and potentially abuse user privileges on the application. The affe...
CVE-2025-0423 Multiple Unauthenticated Stored Cross-Site Scripting
In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users on the server by injecting JavaScript code into their...
Photon OS 4.0: Gdk PHSA-2023-4.0-0423
An update of the gdk package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0423. The text itself is copyright (C) VMware, Inc. ...
openSUSE: Security Advisory for aws (SUSE-SU-2023:0423-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2024:0423-1)
The remote host is missing an update for the...
RHEL 8 : samba (RHSA-2024:0423)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0423 advisory. Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol,...
CVE-2024-0423
| creationtimestamp | type | source |
|---|---|---|
| 2024-01-11 21:26:52+00:00 | seen | https://t.me/ctinow/166849 |
| 2024-01-30 14:41:51+00:00 | seen | https://t.me/ctinow/175939 |
| 2025-05-14 18:31:57+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/16361 |

...
CVE-2024-0423
CVE-2024-0423 affects CodeAstro Online Food Ordering System v1.0. The vulnerability is in the dishes.php functionality, where manipulation of the res_id parameter causes cross-site scripting. It may be exploited remotely and the public exploit has been disclosed. Remediation details are not provi...
CVE-2023-0423
| creationtimestamp | type | source |
|---|---|---|
| 2023-04-10 18:32:54+00:00 | seen | https://t.me/cibsecurity/61752 |

...
CVE-2023-0423
CVE-2023-0423 affects the WordPress Amazon S3 Plugin for WordPress versions before 1.6. The vulnerability is a Reflected Cross‑Site Scripting caused by insufficient sanitization/escaping of a parameter before it is echoed back on the page, which could be exploited against high‑privilege users suc...
SUSE CVE-2013-0423
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs...
Security Bulletin: IBM Smart Analytics System 5600 is affected by vulnerabilities in the IBM Java SDK
Abstract The IBM Smart Analytics System 5600 contains a management host that is installed with the Mozilla Firefox browser. The browser is configured to use IBM Java SDK for Java Web Start applications. The browser software is configured in this manner to allow the use of the Remote Control...