RockyLinux 10 : expat (RLSA-2026:22715)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22715 advisory. libexpat: denial of service via crafted XML input CVE-2026-45186 Tenable has extracted the preceding description block directly from the RockyLinux security...

CVE-2026-22715

VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715 plea...

PT-2026-22147

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 25H1 and below Description An out-of-bound read issue exists in VMware Workstation. An attacker with non-administrative privileges on a guest virtual machine can potentially obtain limited information disclosure fro...

PT-2026-22148

Name of the Vulnerable Software and Affected Versions Windows Workstation affected versions not specified Description A user with authenticated access on a Windows based Workstation host may cause a null pointer dereference error. Recommendations At the moment, there is no information about a new...

PT-2026-22146

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 25H1 and below Description A flaw exists in VMware Workstation that could allow a user with limited access within a guest virtual machine to disrupt the host system. Specifically, an out-of-bounds write issue can le...

CVE-2025-22715

creationtimestamp| type| source ---|---|--- 2026-01-08 18:13:39+00:00| seen| Telegram/8fRJHN3hFBSebJqdKWxD-1j43348WuwoDT4ZiTfkSQU...

CVE-2024-22715

creationtimestamp| type| source ---|---|--- 2024-01-17 19:26:44+00:00| seen| https://t.me/ctinow/169435 2024-01-24 23:16:26+00:00| seen| https://t.me/ctinow/173155 2024-02-10 22:21:34+00:00| seen| https://t.me/ctinow/182651...

CVE-2024-22715

Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...

CVE-2024-22715

Summary (from provided records): Stupid Simple CMS

CVE-2024-22715

Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...

CVE-2023-22715

creationtimestamp| type| source ---|---|--- 2023-03-23 17:41:56+00:00| seen| https://t.me/cibsecurity/60580...

CVE-2023-22715

Auth. admin+ Cross-Site Scripting XSS vulnerability in Lester 'GaMerZ' Chan WP-CommentNavi plugin = 1.12.1 versions...

CVE-2023-22715

Auth. admin+ Cross-Site Scripting XSS vulnerability in Lester 'GaMerZ' Chan WP-CommentNavi plugin = 1.12.1 versions...

CVE-2023-22715

WP-CommentNavi (WordPress)

WordPress WP-CommentNavi Plugin <= 1.12.1 is vulnerable to Cross Site Scripting (XSS)

Software WP-CommentNavi Type Plugin Vulnerable versions = 1.12.1 Fixed in 1.12.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-22715 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f51dcf4c7b1f Credits Rio Darmawan Required...

CVE-2022-22715

creationtimestamp| type| source ---|---|--- 2022-02-09 20:13:13+00:00| seen| https://t.me/cibsecurity/37090 2022-08-23 07:38:55+00:00| published-proof-of-concept| https://t.me/proxybar/943 2022-08-26 10:50:04+00:00| published-proof-of-concept| https://t.me/crackcodes/1069 2022-09-07 06:08:26+00:0...

CVE-2022-22715

Named Pipe File System Elevation of Privilege Vulnerability...

CVE-2022-22715

Named Pipe File System Elevation of Privilege Vulnerability...

CVE-2022-22715

CVE-2022-22715 corresponds to a Windows Named Pipe File System Elevation of Privilege vulnerability. The Electronically published data indicate a local, low‑privilege attack with no user interaction that could yield high impact to confidentiality, integrity, and availability. The connected record...

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights...