ROOT-OS-ALPINE-323-CVE-2026-22796 CVE-2026-22796 in rootio-openssl - Patched by Root

Root has patched CVE-2026-22796 in the rootio-openssl package for Root:Alpine:3.23. Multiple fixed versions available...

CVE-2026-27950 FreeRDP heap-use-after-free in update_pointer_new(SDL): Fix Applied in the Wrong File

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2 implementation, the fix appears to have been...

WordPress plugin HSS Embed Streaming Video 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress HSS Embed Streaming Video plugin <= 3.23 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin HSS Embed Streaming Video versions = 3.23...

WordPress plugin Media Library Assistant 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Media Library Assistant plugin <= 3.23 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Media LIbrary Assistant versions = 3.23...

WordPress plugin Order Export for WooCommerce 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

WordPress Order Export for WooCommerce plugin <= 3.23 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Order Export for WooCommerce versions = 3.23...

CVE-2021-40339

Configuration vulnerability in Hitachi Energy LinkOne application due to the lack of HTTP Headers, allows an attacker that manages to exploit this vulnerability to retrieve sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26...

CVE-2021-40337 OWASP Related Vulnerabilities in Hitachi Energy’s LinkOne Product

Cross-site Scripting XSS vulnerability in Hitachi Energy LinkOne allows an attacker that manages to exploit the vulnerability can take advantage to exploit multiple web attacks and stole sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26...

GPS Daemon (GPSD) Rollover Bug

Critical Infrastructure CI owners and operators, and other users who obtain Coordinated Universal Time UTC from Global Positioning System GPS devices, should be aware of a GPS Daemon GPSD bug in GPSD versions 3.20 released December 31, 2019 through 3.22 released January 8, 2021. On October 24,...

MGASA-2021-0411 Updated gpsd packages fix security vulnerability and other bugs

It was discovered that GPSd incorrectly handled certain leap second events which would result in the time jumping back 1024 weeks on 2021-10-31. This update provides upstream version 3.23 that has this and several other upstream issues fixed. It also fixes issues that prevents it to start properl...

CVE-2017-1000025

GNOME Web Epiphany 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites...

CVE-2016-2834

Mozilla Network Security Services NSS before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via unknown vectors...

FreeBSD : NSS -- multiple vulnerabilities (32166082-53fa-41fa-b081-207e7a989a0a)

Mozilla Foundation reports : Mozilla has updated the version of Network Security Services NSS library used in Firefox to NSS 3.23. This addresses four moderate rated networking security issues reported by Mozilla engineers Tyson Smith and Jed Davis. %NASLMINLEVEL 70300 C Tenable Network Security,...

NSS -- multiple vulnerabilities

Mozilla Foundation reports: Mozilla has updated the version of Network Security Services NSS library used in Firefox to NSS 3.23. This addresses four moderate rated networking security issues reported by Mozilla engineers Tyson Smith and Jed Davis...

Inetserv 3.23 POP3 Denial of Service

No description provided by source. !/usr/bin/python Exploit Title: Inetserv 3.23 POP3 DoS Date: 1/24/2011 Author: dmnt thx G13 for base Software Link: http://www.avtronics.net/inetserv.php Version: 3.23 DoS in RETR and DELE import socket s = socket.socketsocket.AFINET, socket.SOCKSTREAM buffer =...

Texas Imperial Software WFTPD 3.23 SIZE Overflow

No description provided by source. $Id: wftpdsize.rb 9583 2010-06-22 19:11:05Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

web calendar system <= 3.40 (xss/sql) Multiple Vulnerabilities

No description provided by source. 000000 00000 0000 0000 000 00 000000 0000000 0000 000000 00000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00000 0 0 0 0 0 0 0 0 00000 0000 0 0 0 0 00000 0 0 0 0 0 0 0 0 0 0 000 0 0 0 ...

Debian Security Advisory DSA 2523-1 (globus-gridftp-server)

The remote host is missing an update to globus-gridftp-server announced via advisory DSA 2523-1. OpenVAS Vulnerability Test $Id: deb25231.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2523-1 globus-gridftp-server Authors: Thomas Reinke Copyright: Copyrigh...