RockyLinux 8 : firefox (RLSA-2026:0667)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0667 advisory. firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox:...

Linux Distros Unpatched Vulnerability : CVE-2007-0667

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The redirect function in Form.pm for 1 LedgerSMB before 1.1.5 and 2 SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, relate...

CVE-2024-0667

The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.15.21. This is due to missing or incorrect nonce validation on the 'execute' function. This makes it possible for...

CVE-2013-0667

Cross-site scripting XSS vulnerability in the HMI web application in Siemens WinCC TIA Portal 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

CVE-2025-0667

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in BOINC Server allows Stored XSS.This issue affects BOINC Server: through 1.4.7...

CVE-2025-0667

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in BOINC Server allows Stored XSS.This issue affects BOINC Server: through 1.4.7...

CVE-2025-0667

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in BOINC Server allows Stored XSS.This issue affects BOINC Server: through 1.4.7...

CVE-2001-0667

creationtimestamp| type| source ---|---|--- 2025-01-16 16:55:33+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1974...

Photon OS 4.0: Postgresql14 PHSA-2024-4.0-0667

An update of the postgresql14 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0667. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Critical Photon OS Security Update - PHSA-2024-4.0-0667

Updates of 'postgresql13', 'postgresql14', 'keepalived' packages of Photon OS have been released...

openSUSE: Security Advisory for wireshark (SUSE-SU-2023:3252-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress Form Maker by 10Web Plugin <= 1.15.21 is vulnerable to Cross Site Request Forgery (CSRF)

Software Form Maker by 10Web Type Plugin Vulnerable versions = 1.15.21 Fixed in 1.15.22 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0667 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID fc79e251a660 Credits SudoBash...

CVE-2024-0667

creationtimestamp| type| source ---|---|--- 2024-01-27 05:31:56+00:00| seen| https://t.me/ctinow/174632 2024-02-19 22:01:39+00:00| seen| https://t.me/ctinow/187941...

CVE-2024-0667 Form-Maker (twb_form-maker) <= 1.15.21 - Cross-Site Request Forgery to Limited Code Execution via Execute

The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.15.21. This is due to missing or incorrect nonce validation on the 'execute' function. This makes it possible for...

CVE-2024-0667 Form-Maker (twb_form-maker) <= 1.15.21 - Cross-Site Request Forgery to Limited Code Execution via Execute

The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.15.21. This is due to missing or incorrect nonce validation on the 'execute' function. This makes it possible for...

CVE-2024-0667

The CVE concerns the WordPress plugin Form Maker by 10Web (Mobile-Friendly Drag & Drop Form Builder). A Cross-Site Request Forgery (CSRF) flaw exists in versions up to and including 1.15.21, caused by missing or incorrect nonce validation on the plugin’s execute function. This allows an unauthent...

CVE-2023-0667 affecting package wireshark for versions less than 4.0.8-1

CVE-2023-0667 affecting package wireshark for versions less than 4.0.8-1. An upgraded version of the package is available that resolves this issue...

GLSA-202309-02 : Wireshark: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202309-02 Wireshark: Multiple Vulnerabilities - Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file CVE-2022-3725 - Due to failure in validating th...

SUSE-SU-2023:3252-1 Security update for wireshark

This update for wireshark fixes the following issues: Update to Wireshark 3.6.15: - Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.15.html Security fixes: - CVE-2023-0667: Fixed failure to validate MS-MMS packet length...

Amazon Linux AMI : wireshark (ALAS-2023-1785)

The version of wireshark installed on the remote host is prior to 1.8.10-25.24. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1785 advisory. Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in a...