EUVD-2026-2579

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2018-2579 vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-8-openj9...

CVE-2023-2579

The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks...

CVE-2025-2579

creationtimestamp| type| source ---|---|--- 2025-04-24 09:12:18+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13203 2025-04-24 13:03:49+00:00| seen| https://t.me/cvedetector/23663 2025-04-24 14:19:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnkvntxwh72h...

CVE-2025-2579 Lottie Player <= 1.1.8 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload

The Lottie Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to...

WordPress Lottie Player plugin <= 1.1.8 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via File Upload vulnerability discovered by Avraham Shemesh in WordPress Plugin Lottie Player block - Implement Lottie animations. versions = 1.1.8...

Linux Distros Unpatched Vulnerability : CVE-2020-2579

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.6.46 and prior, 5.7.28 and...

Linux Distros Unpatched Vulnerability : CVE-2017-2579

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack function has an insufficient code value check, so that a malicious...

Amazon Linux 2 : iperf3 (ALAS-2024-2579)

The version of iperf3 installed on the remote host is prior to 3.1.7-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2579 advisory. It is possible for a malicious or malfunctioning client to send lessthan the expected amount of data to the server. If this happens,...

RHEL 6 : netpbm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - netpbm: Out-of-bounds write in writeRasterPbm function CVE-2017-2581 - An out-of-bounds read vulnerabilit...

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Virtualization Engine TS7700 - October 2017, January 2018 and April 2018

Summary There are multiple vulnerabilities in IBM® SDK, Java™ Technology Edition, Versions 7 and 8, that are used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in October 2017, January 2018 and April 2018. Vulnerability Details CVEID:...

CVE-2023-2579

The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-2579 InventoryPress <= 1.7 - Author+ Stored XSS

The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-2579 InventoryPress <= 1.7 - Author+ Stored XSS

The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-2579

CVE-2023-2579 concerns the InventoryPress WordPress plugin (≤1.7). The issue is due to insufficient sanitisation/escaping of plugin settings, enabling authenticated users with role Author or higher to perform Stored XSS. Public writeups and Red Hat/NVD entries confirm the vulnerability and its pe...

WordPress InventoryPress Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)

Software InventoryPress Type Plugin Vulnerable versions = 1.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2579 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 980d01840734 Credits daniloalbuqrque Require...

CVE-2023-2579

creationtimestamp| type| source ---|---|--- 2023-06-25 05:29:15+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/4610 2023-07-17 18:40:17+00:00| seen| https://t.me/cibsecurity/66820...

CVE-2022-2579

creationtimestamp| type| source ---|---|--- 2022-07-29 20:13:44+00:00| seen| https://t.me/cibsecurity/47269...

CVE-2022-2579

A vulnerability, which was classified as problematic, was found in SourceCodester Garage Management System 1.0. Affected is an unknown function of the file /phpaction/createUser.php. The manipulation of the argument userName with the input lala leads to cross site scripting. It is possible to...

CVE-2022-2579

CVE-2022-2579 affects SourceCodester Garage Management System 1.0. The vulnerability lies in /php_action/createUser.php (unknown function) where the userName parameter is vulnerable to reflected XSS by input such as lala or similar. Exploitation is described as remote, with public disclosure in t...