TencentOS Server 3: socat (TSSA-2025:0680)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0680 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2020-0680

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0679, CVE-2020-0682...

CVE-2013-0680

Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service daemon crash or possibly execute...

CVE-2025-0680 New Rock Technologies Cloud Connected Devices has a Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability.

Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud...

CVE-2025-0680 New Rock Technologies Cloud Connected Devices has a Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability.

Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud...

CVE-2025-0680

The CVE-2025-0680 entry concerns New Rock Technologies Cloud Connected Devices suffering an OS command injection vulnerability in the device cloud RPC handling path. Affected software/components are the Cloud Connected Devices’ RPC command processing mechanism; root cause appears to be improper h...

CVE-2024-0680

The WP Private Content Plus plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 3.6. This is due to the plugin not properly restricting access to posts via the REST API when a page has been made private. This makes it possible for unauthenticated...

CVE-2024-0680

CVE-2024-0680 affects the WP Private Content Plus plugin for WordPress (versions up to and including 3.6). The root cause is improper access restriction of posts via the REST API when a page is private, allowing unauthenticated attackers to view protected posts. The vulnerability is documented ac...

WordPress WP Private Content Plus Plugin <= 3.6 is vulnerable to Bypass Vulnerability

Software WP Private Content Plus Type Plugin Vulnerable versions = 3.6 Fixed in 3.6.1 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-0680 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 0b6db52774fe Credits Francesco Carlucci Required...

SUSE SLES15 / openSUSE 15 Security Update : libxslt (SUSE-SU-2023:0680-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0680-1 advisory. - Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap...

CVE-2023-0680

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...

CVE-2022-0680

The Plezi WordPress plugin before 1.0.3 has a REST endpoint allowing unauthenticated users to update the plzconfigurationtrackerenable option, which is then displayed in the admin panel without sanitisation and escaping, leading to a Stored Cross-Site Scripting issue...

CVE-2022-0680 Plezi < 1.0.3 - Unauthenticated Stored XSS

The Plezi WordPress plugin before 1.0.3 has a REST endpoint allowing unauthenticated users to update the plzconfigurationtrackerenable option, which is then displayed in the admin panel without sanitisation and escaping, leading to a Stored Cross-Site Scripting issue...

CVE-2022-0680

CVE-2022-0680 affects the Plezi WordPress plugin (before 1.0.3). A REST endpoint allows unauthenticated users to update plz_configuration_tracker_enable, and the value is displayed in the admin panel without sanitisation/escaping, causing a Stored XSS. Connected advisories from RH, CNVD, CNNVD, C...

CVE-2021-0680

In system properties, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID:...

CVE-2021-0680

CVE-2021-0680 : Affects Android on MediaTek components (System properties) where a missing permission check in system properties could allow local information disclosure without user interaction. Impact: disclosure of sensitive data on the device. Root cause per connected sources: insufficient ac...

Microsoft Windows Multiple Vulnerabilities (KB4537789)

This host is missing a critical security update according to Microsoft KB4537789 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4532693)

This host is missing a critical security update according to Microsoft KB4532693 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4537764)

This host is missing a critical security update according to Microsoft KB4537764 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-0680

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0679, CVE-2020-0682...