
48 matches found

Patchstack
added 5 days ago · 4 views

WordPress EventPress theme < 22.2 – Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by ? in WordPress Theme EventPress versions 22.2...

CVSS 7.1 · AI score 5.4 · EPSS 0.00164
Exploits: 0 · References: 1 · Affected Software: 1
RedhatCVE
added 2026/06/05 7:46 p.m. · 6 views

CVE-2026-6268

The EventPress WordPress theme before 22.2 does not sanitize or escape the 'id' parameter in the eventpresscustomizernotifydismissaction AJAX handler before outputting it back in the response, allowing unauthenticated attackers to perform Reflected Cross-Site Scripting attacks against logged-in...

CVSS 7.1 · AI score 5.5 · EPSS 0.00164
Exploits: 0 · References: 1
Cvelist
added 2026/05/27 6:0 a.m. · 31 views

CVE-2026-6268 EventPress < 22.2 – Reflected Cross-Site Scripting

The EventPress WordPress theme before 22.2 does not sanitize or escape the 'id' parameter in the eventpresscustomizernotifydismissaction AJAX handler before outputting it back in the response, allowing unauthenticated attackers to perform Reflected Cross-Site Scripting attacks against logged-in...

EPSS 0.00164
Exploits: 0 · References: 1
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-19253

Malicious code in bioql PyPI...

CVSS 7.1 · AI score 6.6 · EPSS 0.00295
Exploits: 0 · References: 2
RedhatCVE
added 2025/05/23 6:6 a.m. · 2 views

CVE-2023-21983

Vulnerability in the Application Express Administration product of Oracle Application Express component: None. Supported versions that are affected are Application Express Administration: 18.2-22.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to...

CVSS 5.6 · AI score 5.7 · EPSS 0.00321
Exploits: 0 · References: 1
IBM Security Bulletins
added 2025/03/26 1:36 a.m. · 46 views

Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to Slowloris HTTP DOS attack (CVE-2022-35639)

Summary: IBM Sterling Partner Engagement Manager is vulnerable to a Slowloris attack, a type of denial-of-service (DoS) attack which targets threaded web servers. The issue has been addressed. Vulnerability Details: CVEID: CVE-2022-35639 DESCRIPTION: IBM Sterling Partner Engagement Manager do not limi...

CVSS 7.5 · AI score 7.5 · EPSS 0.00825
Exploits: 0 · Affected Software: 1
NVD
added 2024/07/11 4:15 p.m. · 12 views

CVE-2024-39521

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVSS 8.5 · EPSS 0.0025
Exploits: 0 · References: 1
Cvelist
added 2024/07/11 3:57 p.m. · 16 views

CVE-2024-39521 Junos OS Evolved: CLI parameter processing issue allows privilege escalation

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVSS 8.5 · EPSS 0.0025
Exploits: 0 · References: 1
Vulnrichment
added 2024/07/11 3:57 p.m. · 24 views

CVE-2024-39521 Junos OS Evolved: CLI parameter processing issue allows privilege escalation

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVSS 8.5 · AI score 7.4 · EPSS 0.0025
Exploits: 0 · References: 1
Cvelist
added 2024/07/10 10:47 p.m. · 19 views

CVE-2024-39562 Junos OS Evolved: A high rate of SSH connections causes a Denial of Service

A Missing Release of Resource after Effective Lifetime vulnerability in the xinetd process, responsible for spawning SSH daemon (sshd) instances, of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS) by blocking SSH access for legitimate...

CVSS 8.7 · EPSS 0.00431
Exploits: 0 · References: 2
Positive Technologies
added 2024/04/26 12:0 a.m. · 4 views

PT-2024-25431 · Veritas · Veritas Backup Exec

Name of the Vulnerable Software and Affected Versions: Veritas Backup Exec versions prior to 22.2 HotFix 917391 Description: An issue was discovered that allows for DLL Hijacking in the Windows DLL Search path due to improper access controls. Recommendations: For versions prior to 22.2 HotFix...

CVSS 7.8 · AI score 7.2 · EPSS 0.00156
Exploits: 0 · References: 2
NCSC
added 2024/04/19 12:0 a.m. · 3 views

Vulnerabilities fixed in Veritas BackupExec

Veritas has fixed vulnerabilities in BackupExec. A local malicious party can exploit the vulnerabilities to execute arbitrary code via a DLL injection, or to remove arbitrary files from the system, potentially causing a Denial-of-Service. No CVE IDs have been disclosed f...

AI score 8.2
Exploits: 0
Tenable Nessus
added 2024/04/18 12:0 a.m. · 23 views

Juniper Junos OS Vulnerability (JSA75743)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75743 advisory. - A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to...

CVSS 7.5 · AI score 7.4 · EPSS 0.00531
Exploits: 0 · References: 2
Cvelist
added 2024/04/12 3:26 p.m. · 16 views

CVE-2024-30401 Junos OS: MX Series and EX9200-15C: Stack-based buffer overflow in aftman

An Out-of-bounds Read vulnerability in the advanced forwarding management process (aftman) of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC...

CVSS 8.2 · AI score 6.1 · EPSS 0.00581
Exploits: 0 · References: 2
Vulnrichment
added 2024/04/12 3:9 p.m. · 15 views

CVE-2024-30388 Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps

An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If a specific malformed LACP packet is received by a QFX5000...

CVSS 7.1 · AI score 6.9 · EPSS 0.00289
Exploits: 0 · References: 2
Cvelist
added 2024/04/12 2:55 p.m. · 16 views

CVE-2024-21618 Junos OS and Junos OS Evolved: When LLDP is enabled and a malformed LLDP packet is received, l2cpd crashes

An Access of Memory Location After End of Buffer vulnerability in the Layer-2 Control Protocols Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when LLDP is...

CVSS 7.1 · AI score 6.7 · EPSS 0.00296
Exploits: 0 · References: 2
Tenable Nessus
added 2024/03/15 12:0 a.m. · 63 views

Mobatek MobaXterm < 22.2 (CVE-2022-38336)

The version of Mobatek MobaXterm installed on the remote host is prior to 22.2. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-38336 advisory. - An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP...

CVSS 8.1 · AI score 7.2 · EPSS 0.00829
Exploits: 1 · References: 3
NVD
added 2024/01/12 1:15 a.m. · 19 views

CVE-2024-21602

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). If a specific IPv4 UDP packet is received and sent to the Routing Engine (RE) packetio crashes an...

CVSS 7.5 · AI score 7.5 · EPSS 0.00531
Exploits: 0 · References: 2
Prion
added 2024/01/12 1:15 a.m. · 19 views

Null pointer dereference

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). If a specific IPv4 UDP packet is received and sent to the Routing Engine (RE) packetio crashes an...

CVSS 5 · AI score 7.1 · EPSS 0.00531
Exploits: 0 · References: 2 · Affected Software: 1
Prion
added 2024/01/12 1:15 a.m. · 19 views

Design/Logic Flaw

An Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of Service (DoS). On all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. A manual...

CVSS 3.3 · AI score 7.1 · EPSS 0.00284
Exploits: 0 · References: 2 · Affected Software: 1