87 matches found
CVE-2021-0588
In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
CVE-2026-0588
A weakness has been identified in Xinhu Rainrock RockOA up to 2.7.1. Affected by this vulnerability is an unknown functionality of the file rockfun.php of the component API. This manipulation of the argument callback causes cross site scripting. The attack may be initiated remotely. The exploit h...
EUVD-2021-0588
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-0588
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory...
CVE-2020-0588
Improper conditions check in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2025-0588
In affected versions of Octopus Server it was possible for a user with sufficient access to set custom headers in all server responses. By submitting a specifically crafted referrer header the user could ensure that all subsequent server responses would return 500 errors rendering the site mostly...
CVE-2022-0588
Missing Authorization in Packagist librenms/librenms prior to 22.2.0...
WordPress Paid Memberships Pro Plugin <= 2.12.10 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Paid Memberships Pro; Type: Plugin; Vulnerable versions: <= 2.12.10; Fixed in: 3.0; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-0588; Patch priority: Low; CVSS severity: Low (4.3); PSID: 6f8ac4a2a197; Credits: kodaichodai...
WordPress Paid Memberships Pro Plugin <= 2.12.10 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Paid Memberships Pro; Type: Plugin; Vulnerable versions: <= 2.12.10; Fixed in: 3.0; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-0588; Patch priority: Low; CVSS severity: Low (4.3); PSID: b53bf462fd91; Credits: kodaichodai...
CVE-2024-0588
The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.10. This is due to missing nonce validation on the pmproliftersavestreamlineoption function. This mak...
CVE-2024-0588
CVE-2024-0588 affects the WordPress plugin Paid Memberships Pro (all versions
Moderate Photon OS Security Update - PHSA-2024-4.0-0588
Updates of 'linux-aws', 'linux', 'linux-secure', 'linux-rt' packages of Photon OS have been released...
CVE-2023-0588
The CVE-2023-0588 entry describes a Reflected Cross-Site Scripting in the Catalyst Connect Zoho CRM Client Portal WordPress plugin (versions prior to 2.1.0) where an unsanitized parameter is echoed back in the page. Impact is stated as potentially affecting high-privilege users such as admins. Th...
WordPress Catalyst Connect Zoho CRM Client Portal Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Software: Catalyst Connect Zoho CRM Client Portal; Type: Plugin; Vulnerable versions: <= 2.0.0; Fixed in: 2.1.0; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-0588; Patch priority: High; CVSS severity: High (7.1); PSID: 2843a5139fb1; Credit...
SUSE CVE-2005-0588
Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system...
SUSE CVE-2014-0588
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute...
RHEL 8 : CloudForms 5.0.3 (RHSA-2020:0588)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0588 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments...