Exploit for Improper Restriction of XML External Entity Reference in Cisco Secure_Endpoint

--- tags: hackthebox, linux, hard, cve-2023-23946, cve-2023-200...

CVE-2026-23946

creationtimestamp| type| source ---|---|--- 2026-01-22 01:07:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcxyomszhk2t 2026-01-24 21:23:13+00:00| seen| https://gist.github.com/alon710/4972d5a3d088ec92b983ffaa97796d26 2026-01-24 22:21:08+00:00| seen|...

MiracleLinux 9 : git-2.39.3-1.el9 (AXSA:2023-5963:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5963:09 advisory. git: by feeding specially crafted input to git apply --reject, a path outside the working tree can be overwritten with partially controlled contents...

CVE-2025-23946

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Le-Pixel-Solitaire Enhanced YouTube Shortcode enhanced-youtube-shortcode allows Stored XSS.This issue affects Enhanced YouTube Shortcode: from n/a through = 2.0.1...

TencentOS Server 3: git (TSSA-2023:0107)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0107 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2024-23946

Possible path traversal in Apache OFBiz allowing file inclusion. Users are recommended to upgrade to version 18.12.12, that fixes the issue...

Alibaba Cloud Linux 3 : 0047: git (ALINUX3-SA-2023:0047)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0047 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-22490: Git is a revision control...

CVE-2025-23946

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Le-Pixel-Solitaire Enhanced YouTube Shortcode enhanced-youtube-shortcode allows Stored XSS.This issue affects Enhanced YouTube Shortcode: from n/a through = 2.0.1...

CVE-2025-23946

CVE-2025-23946 affects Enhanced YouTube Shortcode (WordPress plugin) up to version 2.0.1, with stored XSS caused by improper input neutralization during web page generation; no patch/version fix details are provided in the connected documents.

CVE-2025-23946 WordPress Enhanced YouTube Shortcode plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Le-Pixel-Solitaire Enhanced YouTube Shortcode enhanced-youtube-shortcode allows Stored XSS.This issue affects Enhanced YouTube Shortcode: from n/a through = 2.0.1...

CLSA-2024-1714728645 git: Fix of CVE-2023-23946

CVE-2023-23946: apply - fix writing behind newly created symbolic links...

openSUSE: Security Advisory for git (SUSE-SU-2023:0430-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-23946

Possible path traversal in Apache OFBiz allowing file inclusion. Users are recommended to upgrade to version 18.12.12, that fixes the issue...

CVE-2024-23946

The CVE-2024-23946 issue is a path traversal/file inclusion vulnerability in Apache OFBiz. Affected product: Apache OFBiz prior to 18.12.12. Root cause: incorrect handling of file paths allowing access to files outside the web root. Impact: potential disclosure of sensitive files/directories; det...

CVE-2024-23946 Apache OFBiz: Path traversal or file inclusion

Possible path traversal in Apache OFBiz allowing file inclusion. Users are recommended to upgrade to version 18.12.12, that fixes the issue...

CVE-2024-23946 Apache OFBiz: Path traversal or file inclusion

Possible path traversal in Apache OFBiz allowing file inclusion. Users are recommended to upgrade to version 18.12.12, that fixes the issue...

CVE-2024-23946

creationtimestamp| type| source ---|---|--- 2024-02-22 10:12:18+00:00| seen| https://t.me/arpsyndicate/3968 2024-02-29 02:56:29+00:00| seen| https://t.me/ctinow/196113 2024-02-29 03:03:01+00:00| seen| https://t.me/ctinow/196130 2024-03-13 10:41:10+00:00| seen| https://t.me/ctinow/206538...

Moderate: Red Hat Security Advisory: git security update

An update for git is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

GitLab < 15.6.8 (CRITICAL-SECURITY-RELEASE-GITLAB-15-8-2-RELEASED)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to git...

Exploit for Path Traversal in Git-Scm Git

CVE-2023-23946 POC Exploit Explanation and POC of the CVE-2023...