CVE-2023-23645

creationtimestamp| type| source ---|---|--- 2026-06-06 02:06:46+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mnlkxevztx2o...

Advisory ROSA-SA-2026-3201

Software: sysstat 11.7.3 OS: ROSA Virtualization 2.1 unaffected versions = sysstat-11.7.3-13.rv3 affected versions sysstat-11.7.3-13.rv3 CVE-ID: CVE-2023-33204 BDU-ID: 2025-00980 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the common.c component of the sysstat system performance measurement and...

Advisory ROSA-SA-2026-3183

Software: sysstat 11.7.3 OS: ROSA Virtualization 3.0 unaffected versions = sysstat-11.7.3-13.rv30 affected versions sysstat-11.7.3-13.rv30 CVE-ID: CVE-2019-16167 BDU-ID: 2022-06244 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the remapstruct function of the sacommon.c component of the Sysstat...

CVE-2026-23645 SiYuan Vulnerable to Stored Cross-Site Scripting (XSS) via Unrestricted SVG File Upload

SiYuan is self-hosted, open source personal knowledge management software. Prior to 3.5.4-dev2, a Stored Cross-Site Scripting XSS vulnerability exists in SiYuan Note. The application does not sanitize uploaded SVG files. If a user uploads and views a malicious SVG file e.g., imported from an...

CVE-2026-23645

creationtimestamp| type| source ---|---|--- 2026-01-16 09:07:24+00:00| published-proof-of-concept| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-pcjq-j3mq-jv5j 2026-01-17 00:12:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcldctr6xb27 2026-01-18 16:38:38+00:00...

CVE-2025-23645

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Optimize Worldwide Find Content IDs find-content-ids allows Reflected XSS.This issue affects Find Content IDs: from n/a through = 1.0...

TencentOS Server 3: swtpm (TSSA-2022:0267)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0267 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Linux Distros Unpatched Vulnerability : CVE-2022-23645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to...

CVE-2025-23645

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Optimize Worldwide Find Content IDs find-content-ids allows Reflected XSS.This issue affects Find Content IDs: from n/a through = 1.0...

CVE-2025-23645

CVE-2025-23645 refers to a WordPress plugin vulnerability in Find Content IDs (versions n/a through 1.0) that allows a Reflected XSS due to improper input neutralization during web page generation. This is a browser-side script execution risk triggered by crafted URLs. Public references in NVD/Re...

CVE-2023-23645

Improper Control of Generation of Code 'Code Injection' vulnerability in MainWP MainWP Code Snippets Extension allows Code Injection.This issue affects MainWP Code Snippets Extension: from n/a through 4.0.2...

CVE-2023-23645 WordPress MainWP Code Snippets Extension Plugin <= 4.0.2 - Subscriber+ Arbitrary PHP Code Injection/Execution Vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in MainWP MainWP Code Snippets Extension allows Code Injection.This issue affects MainWP Code Snippets Extension: from n/a through 4.0.2...

CVE-2023-23645 WordPress MainWP Code Snippets Extension Plugin <= 4.0.2 - Subscriber+ Arbitrary PHP Code Injection/Execution Vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in MainWP MainWP Code Snippets Extension allows Code Injection.This issue affects MainWP Code Snippets Extension: from n/a through 4.0.2...

RHEL 8 : swtpm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - swtpm: symlink issue may lead to privilege escalation CVE-2020-28407 - swtpm: Unchecked header size...

CentOS 9 : swtpm-0.8.0-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the swtpm-0.8.0-1.el9 build changelog. - swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are...

CentOS 9 : swtpm-0.7.0-2.20211109gitb79fd91.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the swtpm-0.7.0-2.20211109gitb79fd91.el9 build changelog. - swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, an...

CVE-2024-23645

creationtimestamp| type| source ---|---|--- 2024-02-01 19:21:41+00:00| seen| https://t.me/ctinow/177753 2024-02-24 10:11:17+00:00| seen| https://t.me/ctinow/192520...

CVE-2024-23645 GLPI reflected XSS in reports pages

GLPI is a Free Asset and IT Management Software package. A malicious URL can be used to execute XSS on reports pages. Upgrade to 10.0.12...

CVE-2024-23645 GLPI reflected XSS in reports pages

GLPI is a Free Asset and IT Management Software package. A malicious URL can be used to execute XSS on reports pages. Upgrade to 10.0.12...

WordPress MainWP Code Snippets Extension Plugin <= 4.0.2 is vulnerable to Arbitrary Code Execution

Software MainWP Code Snippets Extension Type Plugin Vulnerable versions = 4.0.2 Fixed in 4.0.3 OWASP Top 10 A1: Injection Classification Arbitrary Code Execution CVE CVE-2023-23645 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID bd9b1b1be741 Credits Dave Jong Patchstack...