124 matches found
CVE-2021-0431
In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
EUVD-2026-0431
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
CVE-2004-0431
| creationtimestamp | type | source |
|---|---|---|
| 2025-09-09 21:02:21+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3lygmjerwpx2k... |
CVE-2024-0431
The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. This is due to missing or incorrect nonce validation on the 'ajax_set_default_card' function. This makes it possible for unauthenticated attackers to set the...
CVE-2025-0431
Enterprise Protection contains a vulnerability in URL rewriting that allows an unauthenticated remote attacker to send an email which bypasses URL protections impacting the integrity of recipient's email. This occurs due to improper filtering of backslashes within URLs and affects all versions of...
CVE-2025-0431
Proofpoint Enterprise Protection contains a vulnerability in URL rewriting where improper filtering of backslashes in URLs can allow an unauthenticated remote attacker to send an email that bypasses URL protections, affecting recipient email integrity. Affected are all 8.21, 8.20, and 8.18 branch...
CVE-2025-0431 Enterprise Protection Backslash URL Rewrite Bypass
Enterprise Protection contains a vulnerability in URL rewriting that allows an unauthenticated remote attacker to send an email which bypasses URL protections impacting the integrity of recipient's email. This occurs due to improper filtering of backslashes within URLs and affects all versions of...
CVE-2024-0431
| creationtimestamp | type | source |
|---|---|---|
| 2024-03-14 09:51:08+00:00 | seen | https://t.me/ctinow/207573 |
| 2025-04-22 16:03:29+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/12886... |
openSUSE: Security Advisory for apache2 (SUSE-SU-2023:0431-1)
The remote host is missing an update for the...
CVE-2024-0431
CVE-2024-0431 — Gestpay for WooCommerce (WordPress) is a CSRF vulnerability in the ajax_set_default_card handler caused by missing/incorrect nonce validation. It allows unauthenticated attackers to set a user’s default card token via a forged request if a site admin is enticed to perform an actio...
WordPress Gestpay for WooCommerce Plugin <= 20221130 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Gestpay for WooCommerce; Type: Plugin; Vulnerable versions: <= 20221130; Fixed in: 20240307; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-0431; Patch priority: Low; CVSS severity: Low (4.3); PSID: c805dc083a4d; Credits...
RHEL 9 : kernel-rt (RHSA-2024:0431)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0431 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
Important Photon OS Security Update - PHSA-2023-4.0-0431
Updates of 'perl' packages of Photon OS have been released...
CVE-2023-0431 File Away <= 3.9.9.0.1 - Contributor+ Stored XSS via Shortcode
The File Away WordPress plugin through 3.9.9.0.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
CVE-2023-0431
CVE-2023-0431 affects the File Away WordPress plugin (versions up to 3.9.9.0.1). The vulnerability is a Stored XSS due to insufficient validation/escaping of a shortcode attribute, enabling a contributor-level user to inject script. Public data show the vulnerability as existing and, per Wordfenc...
WordPress File Away Plugin <= 3.9.9.0.1 is vulnerable to Cross Site Scripting (XSS)
Software: File Away; Type: Plugin; Vulnerable versions: <= 3.9.9.0.1; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-0431; Patch priority: Medium; CVSS severity: Medium (6.5); PSID: c7613f6f78f2; Credits: Lana Codes; Required...
SUSE CVE-2013-0431
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors related to JMX, aka "Issue 52," a different vulnerability than...