44 matches found
ROOT-OS-UBUNTU-2204-CVE-2026-23457 CVE-2026-23457 in rootio-linux - Patched by Root
Root has patched CVE-2026-23457 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-23457 CVE-2026-23457 in rootio-linux - Patched by Root
Root has patched CVE-2026-23457 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23457 CVE-2026-23457 in rootio-linux - Patched by Root
Root has patched CVE-2026-23457 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-23457 CVE-2026-23457 in rootio-linux - Patched by Root
Root has patched CVE-2026-23457 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : ESAPI vulnerabilities (USN-8181-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8181-1 advisory. Jaroslav Lobaevski discovered that ESAPI incorrectly validated directory paths during path verification. ...
Linux Distros Unpatched Vulnerability : CVE-2026-23457
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() sip_help_tcp() parses the SIP Content-Length header with simple_strtoul(), which returns...
CVE-2026-23457
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() sip_help_tcp() parses the SIP Content-Length header with simple_strtoul(), which returns unsigned long, but stores the result in unsigned int clen. On 64-bit...
CVE-2026-23457
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() sip_help_tcp() parses the SIP Content-Length header with simple_strtoul(), which returns unsigned long, but stores the result in unsigned int clen. On 64-bit...
MAL-2025-23457 Malicious code in isv-upx-client (npm)
The package isv-upx-client was found to contain malicious code...
[SECURITY] [DLA 4246-1] libowasp-esapi-java security update
Debian LTS Advisory DLA-4246-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany July 22, 2025 https://wiki.debian.org/LTS Package : libowasp-esapi-java Version : 2.4.0.0-0+deb11u1 CVE ID : CVE-2022-23457 CVE-2022-24891 CVE-2025-5878 Debian Bug : 1010339 1109378...
Debian: Security Advisory (DLA-4246-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian dla-4246 : libowasp-esapi-java - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4246 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4246-1 [email protected]...
Linux Distros Unpatched Vulnerability : CVE-2023-23457
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address acce...
CVE-2022-23457
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of Validator.getValidDirectoryPath(String, String, File, boolean) may incorrectly treat the tested input string as a child of the specified...
CVE-2024-23457
The anti-tampering functionality of the Zscaler Client Connector can be disabled under certain conditions when an uninstall password is enforced. This affects Zscaler Client Connector on Windows prior to 4.2.0.209...
CVE-2025-23457
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shipdeoplugin Shipdeo shipdeo-woo allows Reflected XSS. This issue affects Shipdeo: from n/a through <= 1.2.8...
CVE-2025-23457
creationtimestamp| type| source
---|---|---
2025-01-27 14:08:31+00:00| seen| https://infosec.exchange/users/cve/statuses/113900710168427584
2025-01-27 14:16:07+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgq4vtuqpr2h
2025-01-27 14:55:08+00:00| seen|...
CVE-2025-23457
CVE-2025-23457 is a Reflected XSS in the WordPress Shipdeo plugin (Shipdeo WooCommerce) affecting versions up to 1.2.8, caused by improper input neutralization during web page generation. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L) yields a base score of 7.1 (High). Public records f...
CVE-2025-23457 WordPress Shipdeo plugin <= 1.2.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Clodeo Shipdeo allows Reflected XSS. This issue affects Shipdeo: from n/a through 1.2.8...
CVE-2025-23457 WordPress Shipdeo plugin <= 1.2.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shipdeoplugin Shipdeo shipdeo-woo allows Reflected XSS. This issue affects Shipdeo: from n/a through <= 1.2.8...