124 matches found
MINI-HH2F-XF9X-2337
Bulletin has no description...
MAL-2026-2337 Malicious code in chai-as-aligned (npm)
Source: amazon-inspector 7bfc79b3c746510178bdaa8e79ecf903f3705e61a09a5846e263159301607f91 The package chai-as-aligned was found to contain malicious code...
MiracleLinux 4 : sudo-1.7.4p5-12.AXS4 (AXSA:2012-755:02)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-755:02 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...
EUVD-2026-2337
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...
MiracleLinux 7 : ruby-2.0.0.648-39.0.4.el7.AXS7 (AXSA:2025-10964:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10964:04 advisory. CVE-2016-2337: Fix type confusion in canceleval Ruby's TclTkIp class method to prevent arbitrary code execution CVE-2017-9224: Fix stack...
Security update for matio (important)
openSUSE security update: security update for matio. Announcement ID: openSUSE-SU-2026:20022-1; Rating: important; References: bsc1239677 bsc1239678; Cross-References: CVE-2025-2337 CVE-2025-2338; Affected Products: openSUSE Leap 16.0...
CVE-2019-2337
While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device to shutdown in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053,...
EUVD-2025-2337
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-2337
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, has been found in tbeu matio 1.5.28. This issue affects the function Mat_VarPrint of the file src/mat.c. The...
CVE-2025-2337
A vulnerability, which was classified as critical, has been found in tbeu matio 1.5.28. This issue affects the function Mat_VarPrint of the file src/mat.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and m...
CVE-2025-2337 tbeu matio mat.c Mat_VarPrint heap-based overflow
A vulnerability, which was classified as critical, has been found in tbeu matio 1.5.28. This issue affects the function Mat_VarPrint of the file src/mat.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and m...
Linux Distros Unpatched Vulnerability : CVE-2016-2337
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type confusion exists in canceleval Ruby's TclTkIp class method. Attacker passing different type of object than String as retval argument can cause arbitrary co...
CVE-2022-2337
A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22...
WordPress Easy Testimonials Plugin <= 3.9.5 is vulnerable to Cross Site Scripting (XSS)
Software: Easy Testimonials; Type: Plugin; Vulnerable versions: = 3.9.5; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-2337; Patch priority: Low; CVSS severity: Low (6.5); Developer: Claim ownership; PSID: b71aceb02810; Credits: Krzysztof Zając; Required...
CVE-2024-2337
creationtimestamp | type | source
---|---|---
2024-07-20 05:35:11+00:00 | seen | https://t.me/cvedetector/1239...
CVE-2024-2337 Easy Testimonials <= 3.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Easy Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'testimonialsgrid ' shortcode in all versions up to, and including, 3.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
RHEL 7 : ruby (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Fiddle::Function.new heap buffer overflow CVE-2016-2339 - Type confusion exists in canceleval Ruby'...