RHEL 6 : sudo (RHSA-2026:13896)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:13896 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

CVE-2025-13896

creationtimestamp| type| source ---|---|--- 2025-12-06 09:34:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7cp57v2ea2q...

CVE-2025-13896 Social Feed Gallery Portfolio <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute

The Social Feed Gallery Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the igp-wp shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

WordPress Social Feed Gallery Portfolio plugin <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Social Feed Gallery Portfolio versions = 1.3...

CVE-2020-13896

The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...

CVE-2018-13896

XBLSEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBLSEC stage.. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

WordPress WP-GeSHi-Highlight plugin <= 1.4.3 - Author+ ReDoS vulnerability

Author+ ReDoS vulnerability discovered by Pierre Rudloff in WordPress Plugin WP-GeSHi-Highlight versions = 1.4.3...

CVE-2024-13896

The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wpgeshifilterreplacecode function, which could lead to Regular Expression Denial of Service ReDoS issue...

CVE-2024-13896

creationtimestamp| type| source ---|---|--- 2025-04-10 06:48:35+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11195 2025-04-10 09:32:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmh73todsg2r...

CVE-2024-13896 WP-GeSHi-Highlight <= 1.4.3 - Author+ ReDoS

The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wpgeshifilterreplacecode function, which could lead to Regular Expression Denial of Service ReDoS issue...

CVE-2024-13896 WP-GeSHi-Highlight <= 1.4.3 - Author+ ReDoS

The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wpgeshifilterreplacecode function, which could lead to Regular Expression Denial of Service ReDoS issue...

CVE-2017-13896

Rejected reason: This candidate is unused by its CNA...

CVE-2020-13896

The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...

CVE-2020-13896

The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...

CVE-2020-13896

The CVE-2020-13896 entry documents an information-disclosure vulnerability in Maipu MP1800X-50 devices (firmware 7.5.3.14(R)) where the web interface exposes sensitive data via form/formDeviceVerGet. Connected sources (CNVD-2021-39048, CNVD-2019-02748) describe an information-disclosure flaw in t...

CVE-2018-13896

creationtimestamp| type| source ---|---|--- 2019-07-22 18:28:17+00:00| seen| https://t.me/cibsecurity/5637...

CVE-2018-13896

CVE-2018-13896 affects Qualcomm closed-source components (XBL_SEC image authentication and related crypto checks) across Snapdragon platforms. Root cause: missing lock at the XBL_SEC stage allowing a compromised OEM XBL Loader to access image authentication and crypto validations. Impact per sour...

CVE-2018-13896

XBLSEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBLSEC stage.. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

CVE-2017-13896

CVE-2017-13896 entry is rejected/not used per the initial description.