17 matches found
CVE-2026-23940
Uncontrolled Resource Consumption vulnerability in hexpm hexpm/hexpm allows Excessive Allocation. Publishing an oversized package can cause Hex.pm to run out of memory while extracting the uploaded package tarball. This can terminate the affected application instance and result in a denial of...
CVE-2026-23940 Denial of Service via Oversized Package Upload
Uncontrolled Resource Consumption vulnerability in hexpm hexpm/hexpm allows Excessive Allocation. Publishing an oversized package can cause Hex.pm to run out of memory while extracting the uploaded package tarball. This can terminate the affected application instance and result in a denial of...
RockyLinux 10 : python3.12 (RLSA-2025:23940)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:23940 advisory. cpython: python: Python zipfile End of Central Directory EOCD Locator record offset not checked CVE-2025-8291 Tenable has extracted the preceding description...
AlmaLinux 10 : python3.12 (ALSA-2025:23940)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23940 advisory. cpython: python: Python zipfile End of Central Directory EOCD Locator record offset not checked CVE-2025-8291 Tenable has extracted the preceding description blo...
RHEL 10 : python3.12 (RHSA-2025:23940)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23940 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic...
CVE-2025-23940 WordPress jupdf pdf viewer plugin <= 0.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in horiyuki Image Switcher image-switcher allows Stored XSS.This issue affects Image Switcher: from n/a through = 0.1.1...
CVE-2025-23940
CVE-2025-23940 concerns the WordPress plugin Image Switcher . The vulnerability is a stored cross-site scripting (XSS) issue described as an improper input neutralization during web page generation. Public details in the connected Red Hat and Wordfence entries confirm affected software as Image S...
CVE-2024-12754 AnyDesk Link Following Information Disclosure Vulnerability
AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
CVE-2024-23940
creationtimestamp| type| source ---|---|--- 2024-01-29 20:26:12+00:00| seen| https://t.me/ctinow/175516 2024-02-06 23:16:53+00:00| seen| https://t.me/ctinow/180385 2024-02-21 17:36:45+00:00| seen| https://t.me/ctinow/189831...
CVE-2024-23940
Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and...
CVE-2024-23940
Trend Micro uiAirSupport (Trend Micro Security 2023 family) is affected for version 6.0.2092 and below. The vulnerability is described as a DLL hijacking/proxying issue that could let an attacker impersonate/modify a library, run code on the system, and escalate privileges. Impact is described as...
CVE-2021-23940
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none...
CVE-2023-23940
creationtimestamp| type| source ---|---|--- 2023-02-03 22:20:49+00:00| seen| https://t.me/cibsecurity/57501...
SalesAgility SuiteCRM Remote Code Execution (CVE-2022-23940)
A remote code execution vulnerability exists in SalesAgility SuiteCRM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2022-23940
creationtimestamp| type| source ---|---|--- 2022-03-11 06:40:37+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/1646 2024-08-01 12:09:53+00:00| seen| MISP/4c20a67f-a4c2-4cca-86c4-710293720e5d...
CVE-2022-23940
SuiteCRM remote code execution (CVE-2022-23940) affects 7.12.1 and 8.x up to 8.0.1. Exploitation relies on deserializing crafted data in email_recipients within the Scheduled Reports module, allowing an authenticated user to trigger PHP object deserialization and execute code. The description not...
CVE-2021-23940
CVE-2021-23940 is rejected/not used; this CVE entry is not an active vulnerability.