CVE-2026-23478

creationtimestamp| type| source ---|---|--- 2026-01-15 02:06:08+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mcgipjebcv2p 2026-01-15 03:33:16+00:00| seen| https://bsky.app/profile/cyberdudebivash.bsky.social/post/3mcgnl6wnk22q 2026-01-15 12:01:11+00:00| seen|...

CVE-2025-23478

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cmsaccount Photo Video Store photo-video-store allows Reflected XSS.This issue affects Photo Video Store: from n/a through = 21.07...

EUVD-2024-23478

Malicious code in bioql PyPI...

CVE-2025-23478 WordPress Photo Video Store plugin <= 21.07 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cmsaccount Photo Video Store photo-video-store allows Reflected XSS.This issue affects Photo Video Store: from n/a through = 21.07...

CVE-2025-23478

The CVE-2025-23478 entry concerns WordPress Photo Video Store plugin

openSUSE: Security Advisory for xrdp (SUSE-SU-2023:0033-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SolarWinds ARM < 2023.2.3 Multiple Vulnerabilities (arm_2023-2-3)

The version of SolarWinds ARM installed on the remote host is prior to 2023.2.3. It is, therefore, affected by multiple vulnerabilities as referenced in the arm2023-2-3 advisory. - The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If...

CVE-2024-23478

creationtimestamp| type| source ---|---|--- 2024-02-15 22:31:36+00:00| seen| https://t.me/ctinow/185926 2024-02-19 11:22:18+00:00| seen| https://t.me/truesecator/5427 2024-03-08 08:56:31+00:00| seen| https://t.me/ctinow/203147 2024-07-22 12:54:50+00:00| seen| https://t.me/MrVGunz/1211...

CVE-2024-23478

CVE-2024-23478 affects SolarWinds Access Rights Manager (ARM). The connected advisories describe a deserialization/JsonSerializationBinder flaw that can allow an attacker to trigger remote code execution in ARM installations. The ZDI advisory specifies that authentication is required and attribut...

CVE-2024-23478 SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution

SolarWinds Access Rights Manager ARM was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service, resulting in remote code execution...

Mageia: Security Advisory (MGASA-2023-0002)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:0374-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:0374-1 Security update for xrdp

This update for xrdp fixes the following issues: - CVE-2022-23468: Fixed a buffer overflow in xrdploginwndcreate bsc1206300. - CVE-2022-23478: Fixed an out of bound write in xrdpmmtransprocessdrdynvcchan bsc1206302. - CVE-2022-23479: Fixed a buffer overflow in xrdpmmchandatain bsc1206303. -...

SUSE: Security Advisory (SUSE-SU-2023:0033-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:0033-1 Security update for xrdp

This update for xrdp fixes the following issues: - CVE-2022-23468: Fixed a buffer overflow in xrdploginwndcreate bsc1206300. - CVE-2022-23478: Fixed an out of bound write in xrdpmmtransprocessdrdynvcchan bsc1206302. - CVE-2022-23479: Fixed a buffer overflow in xrdpmmchandatain bsc1206303. -...

Fedora 36 : xrdp (2022-08d2138578)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-08d2138578 advisory. Release notes for xrdp v0.9.21 2022/12/10 General announcements - Running xrdp and xrdp-sesman on separate hosts is still supported by this release,...

Fedora: Security Advisory for xrdp (FEDORA-2022-08d2138578)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

FreeBSD : xrdp -- multiple vulnerabilities (ba94433c-7890-11ed-859e-1c61b4739ac9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ba94433c-7890-11ed-859e-1c61b4739ac9 advisory. - xrdp is an open source project which provides a graphical login to remote machines using...

CVE-2022-23478

creationtimestamp| type| source ---|---|--- 2022-12-09 20:18:45+00:00| seen| https://t.me/cibsecurity/54234 2022-12-12 09:00:28+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus24/2022...

CVE-2022-23478 Out of Bound Write in xrdp

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol RDP. xrdp v0.9.21 contain a Out of Bound Write in xrdpmmtransprocessdrdynvcchannelopen function. There are no known workarounds for this issue. Users are advised to upgrade...