CVE-2026-33786 Junos OS: SRX1600, SRX2300, SRX4300: When a specific show command is executed chassisd crashes

An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon chassisd of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300 allows a local attacker with low privileges to cause a complete Denial of Service DoS. When a specific 'show chassis' CLI comma...

EUVD-2026-2300

In the Linux kernel, the following vulnerability has been resolved: block: fix race between wbtenabledefault and IO submission When wbtenabledefault is moved out of queue freezing in elevatorchange, it can cause the wbt inflight counter to become negative -1, leading to hung tasks in the writebac...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2025-2300)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2025-2300

Malicious code in bioql PyPI...

CVE-2025-2300 Information exposure vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA

Hitachi Ops Center Common Services within Hitachi Ops Center OVA contains an information exposure vulnerability. This issue affects Hitachi Ops Center Common Services: from 11.0.3-00 before 11.0.4-00...

CVE-2025-2300 Information exposure vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA

Hitachi Ops Center Common Services within Hitachi Ops Center OVA contains an information exposure vulnerability. This issue affects Hitachi Ops Center Common Services: from 11.0.3-00 before 11.0.4-00...

Microsoft DWM Core Library 安全漏洞

Microsoft DWM Core Library is a core library for Microsoft windows from Microsoft Corporation, USA. A security vulnerability exists in the Microsoft DWM Core Library. The following products and editions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based...

openSUSE Security Advisory (SUSE-SU-2024:3095-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ucode-intel (SUSE-SU-2024:3095-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3095-1 advisory. - Intel CPU Microcode was updated to the 20240813 release bsc1229129 - CVE-2024-24853: Security...

SUSE-SU-2024:3095-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20240813 release bsc1229129 - CVE-2024-24853: Security updates for INTEL-SA-01083 - CVE-2024-25939: Security updates for INTEL-SA-01118 - CVE-2024-24980: Security updates for INTEL-SA-01100 -...

Raisecom MSG1200、Raisecom MSG2100E、Raisecom MSG2200和Raisecom MSG2300 操作系统命令注入漏洞

The Raisecom MSG1200 and others are a Gigabit Converged Gateway from Raisecom China. An OS command injection vulnerability exists in the Raisecom MSG1200, Raisecom MSG2100E, Raisecom MSG2200, and Raisecom MSG2300 version 3.90, which originates from the parameter template/ in file...

Raisecom MSG1200、MSG2100E、MSG2200和MSG2300 操作系统命令注入漏洞

The Raisecom MSG1200 and others are a Gigabit converged gateway from Raisecom China. An OS command injection vulnerability exists in the Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300, which stems from the fact that incorrect operation of the parameter template can lead to OS command injection...

SUSE SLES12 Security Update : krb5 (SUSE-SU-2024:2300-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2300-1 advisory. - CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted bsc1227186. -...

CVE-2024-2300

Technical details are not publicly available in the provided documents. Monitor for updates from HP and security advisories to obtain affected versions, vulnerable components, and remediation steps.

Malicious code in wlwz-2312-2300 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 116fd8bd8202b93b356eb2de15081bac4e2a66563bcdc69f28ab155d0bc6bd23 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-377 Malicious code in wlwz-2312-2300 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 116fd8bd8202b93b356eb2de15081bac4e2a66563bcdc69f28ab155d0bc6bd23 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

TOTOLINK X5000R Operating System Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK X5000R version 9.1.0cu.2300B20230112, which stems from an operating system command injection vulnerability in component fg/setWizardCfg...

WordPress Contact Form Builder by vcita Plugin <= 4.10.2 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form Builder by vcita Type Plugin Vulnerable versions = 4.10.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2300 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 3b4b71b799e4 Credits Jonas...

CVE-2023-2300

The Contact Form Builder by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'email' parameter in versions up to, and including, 4.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with the editposts...

CVE-2023-2300

CVE-2023-2300 refers to a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Contact Form Builder by vcita (≤ 4.9.1). The issue arises from insufficient input sanitization and output escaping of the email parameter, allowing an authenticated attacker with edit_posts capabilit...