CLEANSTART-2026-DV49899 Security fixes for CVE-2024-45993, CVE-2025-31344, CVE-2025-48924, CVE-2026-26740, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33210, CVE-2026-33810, CVE-2026-33870, ghsa-33mh-2634-fwr2, ghsa-3m6g-2423-7cp3, ghsa-72hv-8253-57qq, ghsa-j288-q9x7-2f5v, ghsa-j4pr-3wm6-xx2r, ghsa-pwqr-wmgm-9rr8, ghsa-wx95-c6cv-8532 applied in versions: 9.3.0-r1, 9.3.0-r2, 9.3.1-r0, 9.3.2-r0

Multiple security vulnerabilities affect the logstash-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2024-2423

creationtimestamp| type| source ---|---|--- 2025-08-27 21:18:45+00:00| seen| Telegram/znaOVYQxpzTmWaIWLc0eVC1gSwvqcyZphhakdwSq-Yg2Hkw...

CVE-2021-2423

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-2423)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CGA-85P3-33W4-2423

Bulletin has no description...

CVE-2024-2423

The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.2.6 due to insufficient input sanitization and output...

CVE-2024-2423 UsersWP <= 1.2.6 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.2.6 due to insufficient input sanitization and output...

CVE-2023-2423

creationtimestamp| type| source ---|---|--- 2023-08-08 18:14:06+00:00| seen| https://t.me/cibsecurity/67992...

CVE-2023-2423 Rockwell Automation Armor PowerFlex Vulnerable to Denial-Of-Service

A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the product sends communications to the local event log. Threat actors could exploit this vulnerability by sending an influx of network commands, causing the product to generate an influx of event log traffic at...

CVE-2023-2423

Rockwell Automation Armor PowerFlex carries CVE-2023-2423. The issue arises when the device sends communications to the local event log, enabling an attacker to flood event log traffic with a high-rate influx of network commands, potentially stopping normal operations and forcing a self-reset (Do...

Exploit for CVE-2019-2423

This is a malicious LDAP server for JNDI injection attacks, classified as an exploit module/toolkit targeting Java JNDI API. The primary CVE ID is not explicitly mentioned, but the tool is designed to exploit insecure-by-default Java JNDI API, which is related to CVE-2019-2423. The tool targets...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-2423)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2423-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-2423

The DW Promobar WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-2423

The CVE-2022-2423 entry concerns the DW Promobar WordPress plugin (versions up to 1.0.4). Affected component: plugin settings handling that does not sanitize/escape certain settings, enabling Stored XSS. Root cause: improper sanitization/escaping when unfiltered_html is disallowed (e.g., multisit...

CVE-2022-2423 DW Promobar <= 1.0.4 - Admin+ Stored Cross-Site Scripting

The DW Promobar WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

Mageia: Security Advisory (MGASA-2014-0189)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:2423-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-2423

creationtimestamp| type| source ---|---|--- 2021-07-21 18:48:24+00:00| seen| https://t.me/cibsecurity/26336...

CVE-2021-2423

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...