85 matches found
Oracle Linux 9 : firefox (ELSA-2026-0694)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0694 advisory. 140.7.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red...
CVE-2026-0694
creationtimestamp| type| source ---|---|--- 2026-01-14 07:35:45+00:00| seen| https://gist.github.com/Darkcrai86/fbbf153265a3dd17e2abcc074a6aa6bd 2026-01-14 10:31:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mceuhse6mz2y...
CVE-2022-0694
The Advanced Booking Calendar WordPress plugin before 1.7.0 does not validate and escape the calendar parameter before using it in a SQL statement via the abcbookinggetSingleCalendar AJAX action available to both unauthenticated and authenticated users, leading to an unauthenticated SQL injection...
Important Photon OS Security Update - PHSA-2025-5.0-0694
Updates of 'linux', 'libpng', 'linux-esx' packages of Photon OS have been released...
CVE-2021-0694
In setServiceForegroundInnerLocked of ActiveServices.java, there is a possible way for a background application to regain foreground permissions due to insufficient background restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2020-0694
A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0693...
CVE-2013-0694
The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by...
CVE-2025-0694
creationtimestamp| type| source ---|---|--- 2025-03-18 13:21:14+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114183639798780722 2025-03-18 13:33:33+00:00| seen| https://t.me/cvedetector/20560 2025-03-18 14:08:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkntrtnav2...
Photon OS 4.0: Linux PHSA-2024-4.0-0694
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0694. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
SUSE SLES15: kernel-livepatch-5_14_21-150500_55_39-default / etc (SUSE-SU-2024:0694-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:0694-1 advisory. This update for the Linux Kernel 5.14.21-1505005539 fixes one issue. The following security issue was fixed: - CVE-2023-51780: Fixed a use-after-free i...
CVE-2024-0694
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6620. Reason: This candidate is a reservation duplicate of CVE-2023-6620. Notes: All CVE users should reference CVE-2023-6620 instead of this candidate. All references and descriptions in this candidate have been remov...
WordPress Metform Elementor Contact Form Builder Plugin < 3.3.2 Multiple Information Disclosure Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpmet:metformelementorcontactformbuilder"; if description...
WordPress Metform Elementor Contact Form Builder Plugin <= 3.3.1 is vulnerable to Sensitive Data Exposure
Software Metform Elementor Contact Form Builder Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0694 Patch priority High CVSS severity High 6.5 Developer Wpmet PSID 15806b79fbee Credits Ramuel Gall...
CVE-2023-0694
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about any standard form...
CVE-2023-0694 Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via mf shortcode
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about any standard form...
CVE-2023-0694
CVE-2023-0694 affects Metform Elementor Contact Form Builder for WordPress. Affected versions are up to and including 3.3.1 and allow authenticated subscribers (or higher) to disclose sensitive data from standard form fields via the mf shortcode. The vulnerability is an Information Disclosure iss...
CVE-2021-0694
The CVE-2021-0694 entry concerns Android 11, where in ActiveServices.java (setServiceForegroundInnerLocked) a background app can regain foreground permissions due to insufficient background restrictions, leading to local elevation of privilege without requiring user interaction. The impact is ele...
CVE-2022-0694 Advanced Booking Calendar < 1.7.0 - Unauthenticated SQL Injection
The Advanced Booking Calendar WordPress plugin before 1.7.0 does not validate and escape the calendar parameter before using it in a SQL statement via the abcbookinggetSingleCalendar AJAX action available to both unauthenticated and authenticated users, leading to an unauthenticated SQL injection...
CVE-2022-0694
The CVE-2022-0694 entry concerns the WordPress plugin Advanced Booking Calendar before v1.7.0. The vulnerability is an unauthenticated SQL injection arising because abc_booking_getSingleCalendar does not validate or escape the calendar parameter before using it in a SQL statement, and the AJAX ac...
SUSE: Security Advisory (SUSE-SU-2022:0694-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...