Security Bulletin: IBM i is vulnerable to an out-of-bounds write in NTP services due to multiple vulnerabilities.

Summary IBM i is vulnerable to an out-of-bounds write due to a flaw in mstolfp.c in NTP CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, and CVE-2023-26554 as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerabilities as described in t...

Security Bulletin: Vulnerability with NTP 4.2.8p15 affect IBM Cloud Object Storage Systems (March 2025)

Summary Vulnerability with NTP CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554 . This vulnerability has been addressed in the latest ClevOS release Vulnerability Details CVEID:CVE-2023-26552 DESCRIPTION: mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when...

Linux Distros Unpatched Vulnerability : CVE-2023-26551

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq process, but...

CVE-2025-26551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sureshdsk Bootstrap collapse bootstrap-collapse allows Stored XSS.This issue affects Bootstrap collapse: from n/a through = 1.0.4...

CVE-2025-26551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sureshdsk Bootstrap collapse bootstrap-collapse allows Stored XSS.This issue affects Bootstrap collapse: from n/a through = 1.0.4...

CVE-2025-26551 WordPress Bootstrap collapse plugin <= 1.0.4 - CSRF to Stored Cross-Site Scripting vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sureshdsk Bootstrap collapse bootstrap-collapse allows Stored XSS.This issue affects Bootstrap collapse: from n/a through = 1.0.4...

CVE-2025-26551 WordPress Bootstrap collapse plugin <= 1.0.4 - CSRF to Stored Cross-Site Scripting vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sureshdsk Bootstrap collapse bootstrap-collapse allows Stored XSS.This issue affects Bootstrap collapse: from n/a through = 1.0.4...

CVE-2025-26551

CVE-2025-26551 concerns the WordPress Bootstrap Collapse plugin (versions

Security Bulletin: Vulnerability in Network Time Protocol (NTP) affects IBM Integrated Analytics System [CVE-2023-26551]

Summary Redhat provided Network Time Protocol NTP is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-26551 Vulnerability Details CVEID:CVE-2023-26551 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an out-of-bound...

Photon OS 4.0: Ntp PHSA-2023-4.0-0417

An update of the ntp package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0417. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid20452...

RHEL 6 : ntp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ntp: Using port 123 for modes where a fixed port number is not required facilitates off-path attacks...

EulerOS Virtualization 2.9.0 : ntp (EulerOS-SA-2023-2990)

According to the versions of the ntp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack ...

EulerOS Virtualization 2.11.0 : ntp (EulerOS-SA-2023-2765)

According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack...

Amazon Linux 2 : ntp (ALAS-2024-2396)

The version of ntp installed on the remote host is prior to 4.2.8p15-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2396 advisory. 2024-02-15: CVE-2023-26555 was added to this advisory. mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds wri...

Security Bulletin: AIX is vulnerable to a denial of service due to NTP (CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554)

Summary Multiple vulnerabilities in NTP could allow a remote attacker to cause a denial of service CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554. Vulnerability Details CVEID:CVE-2023-26551 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an out-of-bounds write in...

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2023-2700)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2023-2658)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2023-2591)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : ntp (EulerOS-SA-2023-2591)

According to the versions of the ntp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq...

EulerOS 2.0 SP9 : ntp (EulerOS-SA-2023-2621)

According to the versions of the ntp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq...