CVE-2026-23995

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ 16 to CAN open routines overflows ifreq.ifrname, corrupting adjacent stack data and enabling potential code execution. ...

CVE-2026-23995

creationtimestamp| type| source ---|---|--- 2026-03-26 17:04:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhy3kqmpgv25 2026-03-26 23:01:11+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhypi5cz7r2m 2026-03-26 23:16:19+00:00| seen|...

CVE-2026-23995 EVerest has stack buffer overflow in ifreq.ifr_name when interface name exceeds IFNAMSIZ

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ 16 to CAN open routines overflows ifreq.ifrname, corrupting adjacent stack data and enabling potential code execution. ...

CVE-2026-23995

EVerest has a stack-based buffer overflow in the CAN interface initialization. If a CAN interface name exceeds IFNAMSIZ (16), touching CAN open routines overflows the stack via ifreq.ifr_name, potentially leading to code execution. This affects versions prior to 2026.02.0; the patch is included i...

MiracleLinux 4 : thunderbird-78.10.0-1.0.1.AXS4 (AXSA:2021-1718:08)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1718:08 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...

MiracleLinux 8 : thunderbird-78.10.0-1.0.1.el8 (AXSA:2021-1726:09)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1726:09 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...

MiracleLinux 8 : firefox-78.10.0-1.0.1.el8 (AXSA:2021-1733:13)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1733:13 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...

CVE-2025-23995

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ta2g Tantyyellow allows Reflected XSS.This issue affects Tantyyellow: from n/a through 1.0.0.5...

ROS-2-657

2.657 Multiple vulnerabilities in Mozilla Firefox CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29947, CVE-2021-29946. 1. Vulnerability Description: Vulnerabilities allow a...

CVE-2025-23995

creationtimestamp| type| source ---|---|--- 2025-03-31 11:31:39+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9632 2025-03-31 15:01:01+00:00| seen| https://t.me/cvedetector/21590...

CVE-2025-23995 WordPress Tantyyellow theme <= 1.0.0.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ta2g Tantyyellow allows Reflected XSS.This issue affects Tantyyellow: from n/a through 1.0.0.5...

CVE-2025-23995

CVE-2025-23995 affects the WordPress Tantyyellow theme (versions up to 1.0.0.5). Connected sources confirm an Improper Neutralization of Input During Web Page Generation (Reflected XSS) vulnerability in Tantyyellow, with CVSS v3.1 base score 7.1 (HIGH). Publicly noted affected range includes 1.0....

CVE-2025-23995 WordPress Tantyyellow theme <= 1.0.0.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ta2g Tantyyellow allows Reflected XSS.This issue affects Tantyyellow: from n/a through 1.0.0.5...

CVE-2024-23995

creationtimestamp| type| source ---|---|--- 2024-09-06 06:16:30+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8464...

ROS-2-1238

2.1238 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-23994, CVE-2021-23995, CVE-2021-23998, CVE-2021-23961, CVE-2021-23999, CVE-2021-24002, CVE-2021-29945, CVE-2021-29946, CVE-2021-29948, CVE-2021-29950. 1. Vulnerability Description: Vulnerabilities allow a remote attacker to compromis...

CVE-2023-23995

creationtimestamp| type| source ---|---|--- 2023-04-26 00:25:19+00:00| seen| https://t.me/cibsecurity/62858...

CVE-2023-23995

CVE-2023-23995 affects the WordPress TinyMCE Custom Styles plugin (versions

WordPress TinyMCE Custom Styles Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software TinyMCE Custom Styles Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23995 Patch priority Low CVSS severity Low 5.9 Developer tinymce-custom-styles PSID 7dc7761b83f7 Credits Rio Darmawa...

CVE-2022-23995

creationtimestamp| type| source ---|---|--- 2022-02-11 20:34:49+00:00| seen| https://t.me/cibsecurity/37326...

CVE-2022-23995

CVE-2022-23995 affects Wear OS 3.0 devices with StBedtimeModeAlarmReceiver. The vulnerability arises from an unprotected component that allows untrusted apps to change bedtime mode without proper permission. Impact is described as low to medium depending on base score model (CVSS v3.1: 3.3, LOW; ...