27 matches found
CVE-2026-22640
creationtimestamp | type | source
---|---|---
2026-01-15 15:12:34+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/115899757567671679...
EUVD-2024-28255
Malicious code in bioql PyPI...
CVE-2025-22640
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in integrationdevpaytm Paytm Payment Donation paytm-donation allows Stored XSS. This issue affects Paytm Payment Donation: from n/a through <= 2.3.3...
CVE-2025-22640
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in integrationdevpaytm Paytm Payment Donation paytm-donation allows Stored XSS. This issue affects Paytm Payment Donation: from n/a through <= 2.3.3...
CVE-2025-22640 WordPress Paytm Payment Donation Plugin <= 2.3.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in integrationdevpaytm Paytm Payment Donation paytm-donation allows Stored XSS. This issue affects Paytm Payment Donation: from n/a through <= 2.3.3...
CVE-2025-22640 WordPress Paytm Payment Donation Plugin <= 2.3.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paytm Paytm Payment Donation allows Stored XSS. This issue affects Paytm Payment Donation: from n/a through 2.3.3...
CVE-2025-22640
CVE-2025-22640: In the WordPress Paytm Payment Donation plugin, versions up to and including 2.3.3 contain a stored cross-site scripting (XSS) flaw due to improper input neutralization during web page generation. Exploitation context is not detailed in the provided docs, but the issue is classified...
Linux Distros Unpatched Vulnerability : CVE-2024-22640
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color. CVE-2024-22640 Note tha...
Updated php-tcpdf packages fix security vulnerability
TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color. CVE-2024-22640...
Mageia: Security Advisory (MGASA-2024-0169)
The remote host is missing an update for the...
Fedora 40 : php-tcpdf (2024-27eafd0e65)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-27eafd0e65 advisory. Version 6.7.5 2024-04-20 - Update GitHub actions - fix: CSV-2024-22640 712 Tenable has extracted the preceding description block directly from the...
CVE-2024-22640
TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color...
UBUNTU-CVE-2024-22640
TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color...
CVE-2024-30334 Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...
CVE-2024-30334 Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...
Vulnerabilities fixed in Fortinet products
Fortinet has fixed vulnerabilities in FortiOS, FortiProxy and FortiADC. The vulnerability with reference CVE-2023-22640 relates to FortiOS and FortiProxy and allows an authenticated remote malicious person to execute arbitrary code via specially prepared requests. The...
CVE-2023-22640
creationtimestamp | type | source
---|---|---
2023-05-04 02:36:33+00:00 | seen | https://t.me/cibsecurity/63268...
CVE-2023-22640
CVE-2023-22640 describes an out-of-bounds write in Fortinet FortiOS (versions 7.2.0–7.2.3, 7.0.0–7.0.10, 6.4.0–6.4.11, 6.2.0–6.2.13, 6.0) and FortiProxy (7.2.0–7.2.1, 7.0.0–7.0.7, 2.0, 1.2, 1.1, 1.0) that allows an authenticated attacker to execute arbitrary code or commands via crafted requests....
CVE-2023-22640
An out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.11, FortiOS version 6.2.0 through 6.2.13, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7,...
Fortinet Fortigate Out-of-bound-write in sslvpnd (FG-IR-22-475)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-475 advisory. - An out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS versio...