CVE-2026-23814

creationtimestamp| type| source ---|---|--- 2026-03-11 03:00:15+00:00| seen| https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027enus&docLocale=enUS 2026-03-11 03:17:34+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-23814 2026-03-11...

CVE-2020-23814

creationtimestamp| type| source ---|---|--- 2025-09-15 09:10:56+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2020/CVE-2020-23814.yaml 2025-09-15 21:02:21+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lyvpcvyzp22g...

CVE-2025-23814

CVE-2025-23814 affects the WordPress CRUDLab Like Box plugin up to version 2.0.9. The issue is a Reflected XSS caused by improper input neutralization during web page generation, enabling injection via reflected input. Affected components and exact root cause are described across multiple sources...

CVE-2025-23814 WordPress CRUDLab Like Box Plugin <= 2.0.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CRUDLab CRUDLab Like Box crudlab-facebook-like-box allows Reflected XSS.This issue affects CRUDLab Like Box: from n/a through = 2.0.9...

CVE-2025-23814 WordPress CRUDLab Like Box Plugin <= 2.0.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CRUDLab CRUDLab Like Box crudlab-facebook-like-box allows Reflected XSS.This issue affects CRUDLab Like Box: from n/a through = 2.0.9...

CVE-2024-23814

The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service...

CVE-2024-23814

creationtimestamp| type| source ---|---|--- 2025-02-11 10:29:24+00:00| seen| https://infosec.exchange/users/cve/statuses/113984783226707078 2025-02-11 11:15:35+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhvjsturqv23 2025-02-13 11:00:00+00:00| seen|...

CVE-2024-23814

The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service...

CVE-2024-23814

Siemens ProductCERT advisories describe a vulnerability in the integrated ICMP service of the device network stack: when parsing specially crafted ICMP messages that target IP fragment reassembly, the service can exhaust available memory, enabling an unauthenticated remote attacker to trigger a t...

CVE-2024-23814

The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service...

CVE-2023-23814

Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through 1.4.13...

CVE-2023-23814 WordPress Calendar Event Multi View plugin <= 1.4.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through 1.4.13...

CVE-2023-23814 WordPress Calendar Event Multi View plugin <= 1.4.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in codepeople CP Multi View Event Calendar cp-multi-view-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through = 1.4.13...

CVE-2023-23814

CVE-2023-23814 affects WordPress CP Multi View Event Calendar plugin (

WordPress CP Multi View Event Calendar Plugin <= 1.4.13 is vulnerable to Broken Access Control

Software CP Multi View Event Calendar Type Plugin Vulnerable versions = 1.4.13 Fixed in 1.4.15 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-23814 Patch priority Low CVSS severity Low 3.8 Developer Claim ownership PSID cf4c806e3e64 Credits yuyudhn Requir...

CVE-2022-23814

CVE-2022-23814 describes a failure to validate addresses provided by software to BIOS commands, which may cause loss of integrity of guest memory in confidential compute environments. The vulnerability is tied to AMD platform components (SBIOS/ASP/SMU/ BIOS mailbox handling) and is documented und...

CVE-2022-23814

Failure to validate addresses provided by software to BIOS commands may result in a potential loss of integrity of guest memory in a confidential compute environment...

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVE-2021-23814

creationtimestamp| type| source ---|---|--- 2021-12-17 22:37:44+00:00| published-proof-of-concept| https://t.me/cibsecurity/34231...

CVE-2021-23814

This affects versions of the package unisharp/laravel-filemanager before 2.6.2. The upload function does not sufficiently validate the file type when uploading. An attacker may be able to reproduce the following steps: 1. Install a package with a web Laravel application. 2. Navigate to the Upload...