
21 matches found

Circl
added 2026/03/02 4:17 p.m. | 0 views

CVE-2026-23600

creationtimestamp | type | source
---|---|---
2026-03-02 16:17:34+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/116160479516533305
2026-03-02 16:36:31+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mg3osa4hm22o
2026-03-03 05:00:00+00:00 | seen | ...

CVSS 10 | AI score 5.8 | EPSS 0.0027
Exploits: 0 | References: 5
Cvelist
added 2026/03/02 2:18 p.m. | 14 views

CVE-2026-23600

A remote authentication bypass vulnerability exists in HPE AutoPass License Server (APLS)...

CVSS 10 | EPSS 0.0027
Exploits: 0 | References: 1
Vulnrichment
added 2026/03/02 2:18 p.m. | 1 views

CVE-2026-23600

A remote authentication bypass vulnerability exists in HPE AutoPass License Server (APLS)...

CVSS 10 | AI score 6 | EPSS 0.0027
Exploits: 0 | References: 1
RedhatCVE
added 2026/01/09 9:14 a.m. | 7 views

CVE-2022-23600

fleet is an open source device management, built on osquery. Versions prior to 4.9.1 expose a limited ability to spoof SAML authentication with missing audience verification. This impacts deployments using SAML SSO in two specific cases: 1. A malicious or compromised Service Provider (SP) could reu...

CVSS 6.5 | AI score 6.8 | EPSS 0.00268
Exploits: 0 | References: 1
RedhatCVE
added 2026/01/09 8:46 a.m. | 2 views

CVE-2025-23600

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pinal.shah Send to a Friend Addon send-booking-invites-to-friends allows Reflected XSS. This issue affects Send to a Friend Addon: from n/a through <= 1.4.1...

CVSS 7.1 | AI score 5.9 | EPSS 0.00232
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 9:11 a.m. | 3 views

CVE-2024-23600

Improper Input Validation of query search results for private field data in PingIDM Query Filter module allows for a potentially efficient brute forcing approach leading to information disclosure...

CVSS 2.7 | AI score 6.6 | EPSS 0.00382
Exploits: 1 | References: 1
NVD
added 2025/03/03 2:15 p.m. | 2 views

CVE-2025-23600

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pinal.shah Send to a Friend Addon send-booking-invites-to-friends allows Reflected XSS. This issue affects Send to a Friend Addon: from n/a through <= 1.4.1...

CVSS 7.1 | EPSS 0.00232
Exploits: 0 | References: 1
CVE
added 2025/03/03 1:30 p.m. | 46 views

CVE-2025-23600

CVE-2025-23600 is a reflected XSS in the WordPress plugin “Send to a Friend Addon” (versions 1.4.1 and earlier). The root cause is improper neutralization of input during web page generation, allowing attacker-supplied input to be reflected in the page. Affected component: pinal.shah Send to a Fr...

CVSS 7.1 | AI score 5.9 | EPSS 0.00232
Exploits: 0 | References: 1
Vulnrichment
added 2025/03/03 1:30 p.m. | 5 views

CVE-2025-23600 WordPress Send to a Friend Addon plugin <= 1.4.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pinal.shah Send to a Friend Addon allows Reflected XSS. This issue affects Send to a Friend Addon: from n/a through 1.4.1...

CVSS 7.1 | AI score 7 | EPSS 0.00232
Exploits: 0 | References: 1
Packet Storm
added 2024/11/01 12:0 a.m. | 991 views

Ping Identity PingIDM 7.5.0 Query Filter Injection

SEC Consult Vulnerability Lab Security Advisory
=======================================================================
title: Query Filter Injection
product: Ping Identity PingIDM formerly known as ForgeRock Identity Management
vulnerable version: v7.0.0 - v7.5.0 and older unsupported versions...

CVSS 2.7 | AI score 7.1 | EPSS 0.00382
Exploits: 1
Circl
added 2024/08/01 7:36 p.m. | 2 views

CVE-2024-23600

creationtimestamp | type | source
---|---|---
2024-08-01 19:36:32+00:00 | seen | https://t.me/cvedetector/2255...

CVSS 2.7 | AI score 4.8 | EPSS 0.00382
Exploits: 1 | References: 1
CVE
added 2024/08/01 4:55 p.m. | 53 views

CVE-2024-23600

CVE-2024-23600 concerns Ping Identity PingIDM (Query Filter module). Public details describe improper input validation of query search results for private field data, enabling a potentially more efficient brute-force approach that can lead to information disclosure. Connected sources corroborate ...

CVSS 2.7 | AI score 3.4 | EPSS 0.00382
Exploits: 1 | References: 3
SUSE CVE
added 2023/06/03 2:13 a.m. | 1 views

SUSE CVE-2023-23600

Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This led to the possibility of notifications to be displayed during different browsing sessions. This bug only affects Firefox for Android. Other...

CVSS 6.5 | AI score 6.8 | EPSS 0.00277
Exploits: 0 | References: 4
Circl
added 2023/06/02 8:39 p.m. | 0 views

CVE-2023-23600

creationtimestamp | type | source
---|---|---
2023-06-02 20:39:34+00:00 | seen | https://t.me/cibsecurity/64920...

CVSS 6.5 | AI score 7.1 | EPSS 0.00277
Exploits: 0 | References: 1
UbuntuCve
added 2023/06/02 5:15 p.m. | 27 views

CVE-2023-23600

Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This led to the possibility of notifications to be displayed during different browsing sessions. This bug only affects Firefox for Android. Other...

CVSS 6.5 | AI score 6.9 | EPSS 0.00277
Exploits: 0 | References: 2
Cvelist
added 2023/06/02 12:0 a.m. | 16 views

CVE-2023-23600 Notification permissions persisted between Normal and Private Browsing on Android

Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This led to the possibility of notifications to be displayed during different browsing sessions. This bug only affects Firefox for Android. Other...

AI score 6.6 | EPSS 0.00277
Exploits: 0 | References: 2
CVE
added 2023/06/02 12:0 a.m. | 132 views

CVE-2023-23600

CVE-2023-23600 affects Firefox for Android (Firefox

CVSS 6.5 | AI score 6.5 | EPSS 0.00277
Exploits: 0 | References: 2 | Affected Software: 1
Debian CVE
added 2023/06/02 12:0 a.m. | 34 views

CVE-2023-23600

Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This led to the possibility of notifications to be displayed during different browsing sessions. This bug only affects Firefox for Android. Other...

CVSS 6.5 | AI score 6.8 | EPSS 0.00277
Exploits: 0
Cvelist
added 2022/02/04 10:32 p.m. | 12 views

CVE-2022-23600 Limited ability to spoof SAML authentication with missing audience verification

fleet is an open source device management, built on osquery. Versions prior to 4.9.1 expose a limited ability to spoof SAML authentication with missing audience verification. This impacts deployments using SAML SSO in two specific cases: 1. A malicious or compromised Service Provider (SP) could reu...

CVSS 5.3 | AI score 6.6 | EPSS 0.00268
Exploits: 0 | References: 2
CVE
added 2022/02/04 10:32 p.m. | 107 views

CVE-2022-23600

Fleet (fleetdm/fleet) before version 4.9.1 is vulnerable to a limited SAML authentication spoof due to missing audience verification. Two attack scenarios are described: (1) a malicious SP could log in as a Fleet user if the user has a matching email in Fleet and signs into the malicious SP via t...

CVSS 6.5 | AI score 5.7 | EPSS 0.00268
Exploits: 0 | References: 2 | Affected Software: 1