118 matches found
Vertiv Liebert SiteScan Improper Validation of Array Index (CVE-2025-0657)
CWE-129 Improper Validation of Array Index vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. Software uses an array index that has not been properly validated to ensure it falls within valid array bounds. This can result in out-of-bounds access,...
Automated Logic WebCTRL Improper Validation of Array Index (CVE-2025-0657)
CWE-129 Improper Validation of Array Index vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. Software uses an array index that has not been properly validated to ensure it falls within valid array bounds. This can result in out-of-bounds access,...
CVE-1999-0657
WinGate is being used...
SUSE CVE-2002-0657
Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key...
CVE-2025-0657
creationtimestamp| type| source ---|---|--- 2025-11-27 01:28:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6l7r7wlgi2u...
CVE-2022-0657
The 5 Stars Rating Funnel WordPress Plugin | RRatingg WordPress plugin before 1.2.54 does not properly sanitise, validate and escape lead ids before using them in a SQL statement via the rrtnggdeleteleads AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection...
CVE-2023-0657 vulnerabilities
Vulnerabilities for packages: keycloak-fips, keycloak...
CVE-2023-0657 vulnerabilities
Vulnerabilities for packages: keycloak...
CVE-2023-0657
creationtimestamp| type| source ---|---|--- 2024-11-17 10:25:44+00:00| seen| https://infosec.exchange/users/cve/statuses/113497810108556154 2024-11-17 12:56:57+00:00| seen| https://t.me/cvedetector/11257...
CVE-2023-0657
The CVE-2023-0657 entries concern Keycloak, where a flaw is described as improper enforcement of token types when validating signatures locally. This could let an authenticated attacker exchange a logout token for an access token, potentially accessing data outside of enforced permissions. The co...
Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun DoS', 'Description' = %q This module exploits a buffer underrun vulnerability in Microsoft's...
Important Photon OS Security Update - PHSA-2024-4.0-0657
Updates of 'bindutils' packages of Photon OS have been released...
com.charlyghislain.keycloak:keycloak-importexport (=21.0.0), com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11) +79 more potentially affected by CVE-2023-0657 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=22.0.1)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =0.3.0-20.0.1, =0.4.5-20.0.2, =1.0.1, =1.3.2, =1.3.6 - io.github.jeff-tian:keycloak-phone-provider =2.3.10 and more Source cves: CVE-2023-0657 Source advisor...
WordPress Internal Link Juicer: SEO Auto Linker for WordPress Plugin <= 2.23.4 is vulnerable to Cross Site Scripting (XSS)
Software Internal Link Juicer: SEO Auto Linker for WordPress Type Plugin Vulnerable versions = 2.23.4 Fixed in 2.23.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0657 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID...
CVE-2024-0657
creationtimestamp| type| source ---|---|--- 2024-02-09 06:21:26+00:00| seen| https://t.me/ctinow/181816 2024-03-02 14:16:38+00:00| seen| https://t.me/ctinow/198364...
CVE-2024-0657 Internal Link Juicer <= 2.23.4 - Authenticated (Admin+) Stored Cross-Site Scripting
The Internal Link Juicer: SEO Auto Linker for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings such as 'iljsettingsfieldlinksperpage' in all versions up to, and including, 2.23.4 due to insufficient input sanitization and output escaping. This makes i...
CVE-2024-0657
CVE-2024-0657 affects the Internal Link Juicer (WordPress) where Stored XSS can be injected via admin settings (e.g., ilj_settings_field_links_per_page) in all versions up to 2.23.4 due to insufficient input sanitization/output escaping. Attackers with administrator privileges can execute scripts...
Critical Photon OS Security Update - PHSA-2023-3.0-0657
Updates of 'libwebp' packages of Photon OS have been released...
K8424: Java Runtime Environment Vulnerability - CVE-2008-0657
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
SUSE CVE-2004-0657
Integer overflow in the NTP daemon NTPd before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time...