MiracleLinux 7 : httpd24-httpd-2.4.34-23.el7.5 (AXSA:2022-3871:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3871:03 advisory. httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 httpd: NULL...

CVE-2025-30556

Cross-Site Request Forgery CSRF vulnerability in flyaga Fix Rss Feeds fix-rss-feed allows Cross Site Request Forgery.This issue affects Fix Rss Feeds: from n/a through = 3.1...

CVE-2025-30556

Cross-Site Request Forgery CSRF vulnerability in flyaga Fix Rss Feeds fix-rss-feed allows Cross Site Request Forgery.This issue affects Fix Rss Feeds: from n/a through = 3.1...

CVE-2025-30556

CVE-2025-30556 is a CSRF vulnerability in the WordPress plugin Fix Rss Feeds (affected:

CVE-2025-30556 WordPress Fix Rss Feeds plugin <= 3.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in flyaga Fix Rss Feeds fix-rss-feed allows Cross Site Request Forgery.This issue affects Fix Rss Feeds: from n/a through = 3.1...

Apache 2.4.x < 2.4.54 Multiple Vulnerabilities (mod_lua)

The version of Apache httpd installed on the remote host is prior to 2.4.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.54 advisory. - Denial of service in modlua r:parsebody: In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that...

CVE-2024-30556

Technical details beyond the initial description for CVE-2024-30556 are not present in the connected documents. The vulnerability is described as Stored XSS in Mighty Classic Pros And Cons plugin; no further product/version specifics or patch info are provided here. Monitor for updates.

CVE-2024-30556 WordPress Mighty Classic Pros And Cons plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MightyThemes Mighty Classic Pros And Cons allows Stored XSS.This issue affects Mighty Classic Pros And Cons: from n/a through 2.0.9...

CVE-2024-30556 WordPress Mighty Classic Pros And Cons plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MightyThemes Mighty Classic Pros And Cons allows Stored XSS.This issue affects Mighty Classic Pros And Cons: from n/a through 2.0.9...

WordPress Mighty Classic Pros And Cons Plugin <= 2.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Mighty Classic Pros And Cons Type Plugin Vulnerable versions = 2.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30556 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ecb603fa9314 Credits LVT-tholv2k Required...

Rocky Linux 8 : httpd:2.4 (RLSA-2022:7647)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7647 advisory. - A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Serve...

BELL-CVE-2022-30556 CVE-2022-30556 does not affect BellSoft software

Bulletin has no description...

CVE-2023-30556

CVE-2023-30556 concerns an SQL injection in Archery, an open source SQL audit platform. The vulnerability affects the function/flow where user input from the db_name parameter in sql_optimize.py is passed to the sqltuningadvisor method in oracle.py, enabling attackers to query connected databases...

CVE-2023-30556 SQL injection in sql_optimize.py optimize_sqltuningadvisor method in Archery - GHSL-2022-107

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the optimizesqltuningadvisor method of sqloptimize.py. User input comin...

CVE-2023-30556 SQL injection in sql_optimize.py optimize_sqltuningadvisor method in Archery - GHSL-2022-107

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the optimizesqltuningadvisor method of sqloptimize.py. User input comin...

K69309752: Apache HTTPD vulnerability CVE-2022-30556

Security Advisory Description Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread that point past the end of the storage allocated for the buffer. CVE-2022-30556 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

Security Bulletin: IBM Aspera Orchestrator affected by Apache HTTP Server vulnerability (CVE-2022-30556)

Summary The following vulnerability has been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2022-30556 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information, caused by an error in modlua with websockets. An attacker could exploi...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2884)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome Security Update (stable-channel-update-for-desktop_17-2021-06) - Linux

Google Chrome is prone to multiple after free vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

Google Chrome Security Update (stable-channel-update-for-desktop_17-2021-06) - Mac OS X

Google Chrome is prone to multiple after free vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...