22 matches found
CVE-2026-23496
creationtimestamp| type| source ---|---|--- 2026-01-15 18:33:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mci7v4tpa42c...
CVE-2026-23496
Summary: The Pimcore Web2Print Tools Bundle contains aBroken Access Control flaw in the API endpoint that manages “Favourite Output Channel Configurations.” An authenticated backend user, even without explicit permissions for this feature, could list, create, update, or retrieve these configurati...
CVE-2025-23496
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in husani WP FPO wp-fpo allows Reflected XSS.This issue affects WP FPO: from n/a through = 1.0...
EUVD-2024-23496
Malicious code in bioql PyPI...
CVE-2023-23496
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2025-23496
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in husani WP FPO wp-fpo allows Reflected XSS.This issue affects WP FPO: from n/a through = 1.0...
CVE-2025-23496
CVE-2025-23496 describes a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress WP FPO plugin (and NotFound WP FPO) with improper input neutralization during web page generation. Affected: WP FPO plugin versions up to 1.0 (and NotFound WP FPO up to 1.0). Documented by multiple sour...
CVE-2025-23496 WordPress WP FPO plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in husani WP FPO wp-fpo allows Reflected XSS.This issue affects WP FPO: from n/a through = 1.0...
CVE-2024-23496
creationtimestamp| type| source ---|---|--- 2024-03-14 09:51:12+00:00| seen| https://t.me/ctinow/207576 2025-02-12 19:07:39+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4115...
CVE-2024-23496
CVE-2024-23496 affects llama.cpp’s GGUF file parsing in the gguf_fread_str function. The root cause is an integer overflow when reading a string length p->n, leading to p->data = calloc(p->n + 1, 1) and a potentially undersized allocation. A heap-based buffer overflow can occur when the ...
CVE-2024-23496
A heap-based buffer overflow vulnerability exists in the GGUF library gguffreadstr functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2023-23496
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2023-23496
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2023-23496
CVE-2023-23496 affects Apple Safari/WebKit components; exploitation arises from processing maliciously crafted web content, leading to arbitrary code execution. Publicly documented impact includes macOS Ventura 13.2, macOS Monterey Big Sur/Big Sur? /, iOS 15.7.2 / 16.3, iPadOS 15.7.2 / 16.3, watc...
Apple Safari Security Update (HT213600)
Apple Safari is prone to multiple vulnerabilities according to Apple security advisory. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
About the security content of Safari 16.3
About the security content of Safari 16.3 This document describes the security content of Safari 16.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
VulnCheck KEV: CVE-2023-23496
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2022-23496
creationtimestamp| type| source ---|---|--- 2022-12-09 00:12:54+00:00| seen| https://t.me/cibsecurity/54206...
CVE-2022-23496
Vulnerability summary (CVE-2022-23496, Yauaa) : The Java library Yauaa can crash when using the Client Hints analysis feature introduced with version 7.0.0 due to an ArrayIndexOutOfBoundsException. This affects applications that enable Client Hints analysis; those not using this feature are not a...
CVE-2022-23496 A crafted list can trigger a ArrayIndexOutOfBoundsException in Yauaa
Yet Another UserAgent Analyzer Yauaa is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an...