EUVD-2026-0973

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch...

CVE-2000-0973

creationtimestamp| type| source ---|---|--- 2025-10-13 05:59:55+00:00| seen| https://mastodon.social/users/bagder/statuses/115365327055772482 2025-10-13 06:00:00+00:00| seen| https://bsky.app/profile/bagder.mastodon.social.ap.brid.gy/post/3m32jx4dvpsm2 2025-10-14 02:11:38+00:00| seen|...

CVE-2024-0973

The Widget for Social Page Feeds WordPress plugin before 6.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2021-0973

In isFileUri of UriUtil.java, there is a possible way to bypass ignoring file://URI attachment due to improper handling of case sensitivity. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

CVE-2025-0973

A vulnerability classified as critical was found in CmsEasy 7.7.7.9. This vulnerability affects the function backAllaction in the library lib/admin/databaseadmin.php of the file /index.php?case=database=backAlldir=admin=default. The manipulation of the argument select leads to path traversal. The...

CVE-2025-0973

creationtimestamp| type| source ---|---|--- 2025-02-03 01:15:21+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhaek5zcbv2c 2025-02-03 03:35:41+00:00| seen| https://t.me/cvedetector/17031 2025-02-03 04:03:29+00:00| seen|...

CVE-2025-0973

A vulnerability classified as critical was found in CmsEasy 7.7.7.9. This vulnerability affects the function backAllaction in the library lib/admin/databaseadmin.php of the file /index.php?case=database&act=backAll&admindir=admin&site=default. The manipulation of the argument select leads to path...

CVE-2025-0973 CmsEasy index.php backAll_action path traversal

A vulnerability classified as critical was found in CmsEasy 7.7.7.9. This vulnerability affects the function backAllaction in the library lib/admin/databaseadmin.php of the file /index.php?case=database&act=backAll&admindir=admin&site=default. The manipulation of the argument select leads to path...

WordPress Widget for Social Page Feeds Plugin < 6.4 is vulnerable to Cross Site Scripting (XSS)

Software Widget for Social Page Feeds Type Plugin Vulnerable versions 6.4 Fixed in 6.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0973 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 4afed9c5ac4e Credits Dmitrii Ignatyev...

CVE-2024-0973

The Widget for Social Page Feeds WordPress plugin before 6.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-0973 Widget for Social Page Feeds < 6.4 - Admin+ Stored XSS

The Widget for Social Page Feeds WordPress plugin before 6.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-0973 Widget for Social Page Feeds < 6.4 - Admin+ Stored XSS

The Widget for Social Page Feeds WordPress plugin before 6.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-0973

The CVE-2024-0973 entry relates to the Widget for Social Page Feeds WordPress plugin, prior to version 6.4. It is described as Stored XSS caused by insufficient sanitization/escaping of plugin settings, enabling high-privilege users (e.g., Administrators) to inject scripts even when unfiltered_ht...

Rocky Linux 8 : postgresql:15 (RLSA-2024:0973)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0973 advisory. - Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer...

AlmaLinux 8 : postgresql:15 (ALSA-2024:0973)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0973 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block directly...

Oracle Linux 8 : postgresql:15 (ELSA-2024-0973)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0973 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 15.6-1 - update to 15.6 - Fixes CVE-2024-0985 Tenable has extracted the preceding description block directly fr...

RHEL 8 : postgresql:15 (RHSA-2024:0973)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0973 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

BELL-CVE-2015-0973 CVE-2015-0973 does not affect BellSoft software

Bulletin has no description...

Step Tools Third-Party

1. EXECUTIVE SUMMARY CVSS v3 2.2 ATTENTION: Low attack complexity Vendor: Step Tools, Inc Equipment: STEPTools ifcmesh library Vulnerability: Null Pointer Dereference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to deny application usage when reading a...

CVE-2023-0973

creationtimestamp| type| source ---|---|--- 2023-03-13 21:53:31+00:00| seen| https://t.me/cibsecurity/59930...