openSUSE Security Advisory (SUSE-SU-2026:0894-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2026-0894

In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP ptpclocksettime assumes every ptpclock has implemented settime64. Stub it with -EOPNOTSUPP to prevent a NULL dereference. The fix is similar to commit 329d050bbe63 "gve: Implement...

Moderate Photon OS Security Update - PHSA-2025-4.0-0894

Updates of 'mysql' packages of Photon OS have been released...

CVE-2019-0894

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0895, CVE-2019-089...

CVE-2020-0894

creationtimestamp| type| source ---|---|--- 2025-02-28 20:27:22+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5986 2025-03-02 11:46:29+00:00| seen| Telegram/p6dK2eigTrYZj7ytS51zLfu3CzmT4u-6hX5El31Ga63E9WuV...

CVE-2022-0894

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...

Rocky Linux 8 : vim (RLSA-2022:0894)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0894 advisory. - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. CVE-2022-0261, CVE-2022-0359, CVE-2022-0361 - Heap-based Buffer Overflow in...

CVE-2023-0894

The Pickup | Delivery | Dine-in date time WordPress plugin through 1.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

CVE-2023-0894

CVE-2023-0894 affects The Pickup | Delivery | Dine-in date time WordPress plugin up to version 1.0.9. The vulnerability stems from insufficient sanitisation/escaping of certain settings, allowing Stored XSS by high-privilege users (e.g., Admin) even when unfiltered_html is disallowed (e.g., multi...

CVE-2023-0894 Pickup | Delivery | Dine-in date time <= 1.0.9 - Admin+ Stored XSS

The Pickup | Delivery | Dine-in date time WordPress plugin through 1.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

WordPress Pickup | Delivery | Dine-in date time Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Pickup | Delivery | Dine-in date time Type Plugin Vulnerable versions = 1.0.9 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0894 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b34002e286cc Credits Sajj...

Oracle Linux 8 : vim (ELSA-2022-0894)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0894 advisory. - CVE-2022-0361 vim: Heap-based Buffer Overflow in GitHub repository - CVE-2022-0413 vim: use after free in src/excmds.c - CVE-2022-0413 vim: use after...

CVE-2022-0894

creationtimestamp| type| source ---|---|--- 2022-03-15 13:19:05+00:00| seen| https://t.me/cibsecurity/38913...

CVE-2022-0894 Cross-site Scripting (XSS) - Stored in pimcore/pimcore

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...

CVE-2022-0894

Pimcore/pimcore (CVE-2022-0894) is affected by a stored cross-site scripting (XSS) vulnerability in the grid options’ name parameter, present in versions prior to 10.4.0. The root cause is insufficient validation/sanitization of user-provided data, allowing injected JavaScript to be executed in t...

CVE-2022-0894 Cross-site Scripting (XSS) - Stored in pimcore/pimcore

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.4.0...

RHEL 8 : vim (RHSA-2022:0894)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0894 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Heap-based buffer overflow in blockinsert in...

CVE-2021-0894

creationtimestamp| type| source ---|---|--- 2021-12-17 20:36:55+00:00| seen| https://t.me/cibsecurity/34208...

CVE-2021-0894

In CVE-2021-0894, the apusys component contains an out-of-bounds write due to a missing bounds check. This can enable local escalation of privilege to SYSTEM with no user interaction required. Patch ID ALPS05672107 and Issue ID ALPS05672038 are associated remediation details. Exploitation status ...

Cross site scripting

A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0894...