20 matches found
WordPress Xagio SEO plugin <= 7.1.0.30 - Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
Authenticated Subscriber+ Server-Side Request Forgery vulnerability discovered by Jack Taylor in WordPress Plugin Xagio SEO versions <= 7.1.0.30...
CVE-2025-14438
| creationtimestamp | type | source |
|---|---|---|
| 2026-01-06 06:01:28+00:00 | seen | Telegram/C8cKa5CH9I3NM3jeEU5QbxYCnFxc-EFqHQ9i2kT9Led6pw |
| 2026-01-06 07:20:01+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mbqg2ipejg2q... |
Linux Distros Unpatched Vulnerability : CVE-2019-14438
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer over-read in xiph_PackHeaders in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based...
Oracle Linux 8 : kernel (ELSA-2025-14438)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14438 advisory. - udp: Fix memory accounting leak. Xin Long RHEL-104084 CVE-2025-22058 - i40e: fix MMIO write access to an invalid page in i40e_clear_hw Dennis Chen...
K000138056: Wireshark vulnerability CVE-2018-14438
Security Advisory Description In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily. CVE-2018-14438 Impact There is no impact; F5 products are not...
Mageia: Security Advisory (MGASA-2019-0233)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advisory ROSA-SA-2021-1997
Software: wireshark 1.10.14 OS: Cobalt 7.9 CVE-ID: CVE-2015-3814 CVE-Crit: HIGH CVE-DESC: The functions 1 exctfsrequest and 2 exctfsresponse in epan / dissectors / packet-ieee80211.c in IEEE 802.11 dissector in Wireshark 1.10.x through 1.10.14 and 1.12.x through 1.12.5 interpret the null. value as...
CVE-2020-14438
CVE-2020-14438 affects a range of NETGEAR devices (RBK/RBR/RBS series) with firmware versions before 3.2.15.25. The vulnerability is a pre-authenticated command injection in affected devices, exploitable by an unauthenticated attacker on an adjacent network. Impact is described as high to critica...
GLSA-201909-02 : VLC: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201909-02 VLC: Multiple vulnerabilities Multiple vulnerabilities have been discovered in VLC. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...
Updated vlc packages fixes security vulnerabilities
Updated vlc packages fixes security vulnerabilities: Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed CVE-2019-13602, CVE-2019-13962, CVE-2019-14437, CVE-2019-14438,...
CVE-2019-14438
A heap-based buffer over-read in xiph_PackHeaders in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file...
CVE-2019-14438
A heap-based buffer over-read in xiph_PackHeaders in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file...
CVE-2019-14438
CVE-2019-14438 affects VideoLAN VLC media player 3.0.7.1 and earlier, due to a heap-based buffer over-read in xiph_PackHeaders() within modules/demux/xiph.h, exploitable via crafted .ogg files. Multiple connected advisories confirm the issue and track fixes to VLC 3.0.8 (and related package updat...
KLA11761 Multiple vulnerabilities in VLC media player
Multiple vulnerabilities were found in VLC media player. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Integer Underflow vulnerability can be exploited to cause a denial of service; 2. Heap-based buffer over-read...
Debian: Security Advisory (DSA-4504-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-14438
In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily...
CVE-2018-14438
Wireshark prior to 2.6.2: the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to arbitrarily modify access control. This constitutes an access control vulnerability that does not appear to involve authentication or...
CVE-2017-14438
CVE-2017-14438 affects the Moxa EDR-810 Industrial Secure Router (V4.1, build 17030317). The vulnerability lies in the Service Agent: sending a specially crafted large TCP packet to port 4000 (and 4001) can cause a denial-of-service crash. Talos reports the issue on ports 4000/tcp and 4001/tcp wi...
Moxa EDR-810 Service Agent Multiple Denial of Service Vulnerabilities (CVE-2017-14438 - CVE-2017-14439)
Summary Exploitable denial of service vulnerabilities exist in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4000/tcp and 4001/tcp to trigger this vulnerability. Tested Version...
Moxa EDR-810 Service Agent Multiple Denial of Service Vulnerabilities
Summary Exploitable denial of service vulnerabilities exist in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4000/tcp and 4001/tcp to trigger this vulnerability. Tested Version...