115 matches found
Amazon Linux 2023 : mesa-dri-drivers, mesa-filesystem, mesa-libd3d (ALAS2023-2026-1623)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1623 advisory. In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2026-1623)
The remote host is missing an update for the Huawei EulerOS...
CVE-2026-1623
| creationtimestamp | type | source |
|---|---|---|
| 2026-01-30 00:10:09+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mdlz7w23xl2c... |
CVE-2026-1623
A weakness has been identified in Totolink A7000R 4.1cu.4154. Impacted is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument FileName causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and...
CVE-2026-1623
Totolink A7000R 4.1cu.4154 is affected by a command-injection in the file /cgi-bin/cstecgi.cgi, via manipulating the FileName argument in the setUpgradeFW function. The vulnerability is exploitable remotely; public exploit/poc material exists and exploit maturity is labeled as PROOF-OF-CONCEPT. I...
MiracleLinux 4 : firefox-78.9.0-1.0.1.AXS4 (AXSA:2021-1623:10)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1623:10 advisory. - Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981) - Mozilla: Memory safety bugs fixed in Firefox ...
CVE-2025-1623
The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup...
CVE-2025-1623
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-16 06:46:07+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/7701 |
| 2025-03-16 08:00:51+00:00 | seen | https://t.me/cvedetector/20400... |
CVE-2025-1623
The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup...
CVE-2025-1623
CVE-2025-1623 affects the GDPR Cookie Compliance WordPress plugin
CVE-2025-1623 GDPR Cookie Compliance < 4.15.9 - Admin+ Stored XSS
The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup...
RHEL 3 : httpd (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - apr-util: high memory consumption in apr_brigade_split_line() (CVE-2010-1623) - The (1) mod_cache and (2) mod_dav...
CVE-2024-1623
| creationtimestamp | type | source |
|---|---|---|
| 2024-03-14 14:26:29+00:00 | seen | https://t.me/ctinow/207754 |
| 2024-03-14 14:31:36+00:00 | seen | https://t.me/ctinow/207762... |
CVE-2024-1623
The CVE-2024-1623 entry concerns the Sagemcom FAST3686 V2 Vodafone router. Affected component: the router’s web admin login flow, specifically Login.asp and logout.asp, with an insufficient session timeout that fails to manage session details correctly. Impact described as allowing a local attack...
CVE-2024-1623 Insufficient session timeout vulnerability in Sagemcom router
Insufficient session timeout vulnerability in the FAST3686 V2 Vodafone router from Sagemcom. This vulnerability could allow a local attacker to access the administration panel without requiring login credentials. This vulnerability is possible because the 'Login.asp and logout.asp' files do not...
Siemens Industrial Products Uncontrolled Resource Consumption (CVE-2019-11478)
Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. A remote attacker could cause a denial of service condition by sending specially crafted TCP Selective Acknowledgment (SACK) sequences to affected products. This plugin only works with Tenable.ot...
CVE-2023-37194
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). The kernel memory of affected devices is exposed to user-mode via direct memory access (DMA) which could allow...
WordPress Custom Post Type UI Plugin < 1.13.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Custom Post Type UI; Type: Plugin; Vulnerable versions: < 1.13.5; Fixed in: 1.13.5; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-1623; Patch priority: Low; CVSS severity: Low (4.3); PSID: 181f1805c79c; Credits: Erwan LR; Require...
CVE-2023-1623
| creationtimestamp | type | source |
|---|---|---|
| 2023-04-24 22:19:38+00:00 | seen | https://t.me/cibsecurity/62745 |
| 2025-02-06 02:42:28+00:00 | seen | Telegram/tcr8Eu9rWXRsB6C8Y5ZCkBPhcSdec0NbhFDJMNT694EvKv... |