23 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-23922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The vulnerability was found in Moodle and exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to...
ROOT-OS-DEBIAN-12-CVE-2020-23922 CVE-2020-23922 in rootio-giflib - Patched by Root
Root has patched CVE-2020-23922 in the rootio-giflib package for Root:Debian:12. Multiple fixed versions available...
Sony XAV-AX5500 1.13 - Firmware Update Validation Remote Code Execution (RCE)
Exploit Title: Sony XAV-AX5500 Firmware Update Validation Remote Code Execution Date: 11-Feb-2025 Exploit Author: lkushinada Vendor Homepage: https://www.sony.com/et/electronics/in-car-receivers-players/xav-ax5500 Software Link: https://archive.org/details/xav-ax-5500-v-113 Version: 1.13 Tested o...
Sony XAV-AX5500 1.13 Code Execution
Sony XAV-AX5500 version 1.13 suffers from a firmware update validation vulnerability that allows for code execution. Exploit Title: Sony XAV-AX5500 Firmware Update Validation Remote Code Execution Date: 11-Feb-2025 Exploit Author: lkushinada Vendor Homepage:...
Exploit for CVE-2025-23922
CVE-2025-23922 - WordPress iSpring Embedder CSRF to Arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2020-23922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read. CVE-2020-23922 Note that Nessus relies on the...
CVE-2025-23922
Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder embed-ispring allows Upload a Web Shell to a Web Server. This issue affects iSpring Embedder: from n/a through <= 1.0...
CVE-2025-23922
creationtimestamp | type | source
---|---|---
2025-01-16 21:20:13+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7i2p3jk2n
2025-01-16 21:48:54+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/113840235016825074
2025-01-16 21:49:24+00:00 | seen | ...
CVE-2024-23922
creationtimestamp | type | source
---|---|---
2024-09-23 17:59:23+00:00 | seen | https://t.me/cvedetector/6184...
Medium: giflib
Issue Overview: An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read. CVE-2020-23922 There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB in gif2rgb.c:298:45. CVE-2022-28506 Affected Packages: giflib Issue Correction: Ru...
Amazon Linux 2023 : giflib, giflib-devel, giflib-utils (ALAS2023-2023-075)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-075 advisory. An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read. CVE-2020-23922 There is a heap-buffer-overflow in GIFLIB 5.2.1 function...
Moodle 3.11.x < 3.11.12 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.19, 3.11.x prior to 3.11.12, 4.0.x prior to 4.0.6 or 4.1.x prior to 4.1.1. It is, therefore, affected by multiple vulnerabilities: - A Cross-Site Scripting (XSS) vulnerability due to the lack of sanitization of some returnurl...
CVE-2023-23922
CVE-2023-23922 (Moodle): The vulnerability is an XSS flaw in Moodle’s blog search due to insufficient sanitization of user-supplied data. It allows a remote attacker to lure a user into visiting a crafted link, resulting in arbitrary HTML/JavaScript execution in the context of the vulnerable site...
SUSE CVE-2020-23922
An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read...
CVE-2022-23922
CVE-2022-23922 affects WIN-911 2021 R1 (up to 5.21.10) and R2 (up to 5.21.17). Description: a permissions misconfiguration allows a local attacker to write files to the Program Announcer directory and escalate privileges when the program runs. Connected docs corroborate affected product/versions ...
CVE-2022-23922 WIN-911 2021 Incorrect Default Permissions
WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the Program Announcer directory and elevate permissions whenever the program is executed...
WIN-911 2021
1. EXECUTIVE SUMMARY CVSS v3 5.6 ATTENTION: Low attack complexity Vendor: WIN-911 Equipment: WIN-911 2021 Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to leverage the misconfigured privileges to the...
CVE-2020-23922
An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read...