30 matches found
Debian dsa-6307 : kitty - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6307 advisory. Debian Security Advisory DSA-6307-1 [email protected] https://www.debian.org/securit...
Linux Distros Unpatched Vulnerability : CVE-2026-33642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handle_compose_command function in kitty/graphics.c performs bounds validation on...
CVE-2026-33642
creationtimestamp | type | source
---|---|---
2026-05-19 20:00:34+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mma6kvszab2e
2026-05-19 21:13:18+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmacmyipvw2k
2026-05-20 01:30:29+00:00 | seen | ...
CVE-2026-33642
Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handle_compose_command function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...
CVE-2023-33642
H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Edit_BasicSSID interface at /goform/aspForm...
Linux Distros Unpatched Vulnerability : CVE-2021-33642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a file is processed, an infinite loop occurs in next_inline of the more_curly function. CVE-2021-33642 Note that Nessus relies on the presence of the package...
RHEL 7 : byacc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - byacc: malloc incorrectly accessing released memory leads to use after free CVE-2021-33641 - When a file ...
RHEL 6 : byacc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - byacc: malloc incorrectly accessing released memory leads to use after free CVE-2021-33641 - When a file ...
CVE-2024-33642
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EkoJR Advanced Post List allows Stored XSS. This issue affects Advanced Post List: from n/a through 0.5.6.1...
CVE-2024-33642 WordPress Advanced Post List plugin <= 0.5.6.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EkoJR Advanced Post List allows Stored XSS. This issue affects Advanced Post List: from n/a through 0.5.6.1...
CVE-2024-33642
CVE-2024-33642 denotes a stored XSS in the WordPress plugin “Advanced Post List” due to improper input neutralization during web page generation. Affected range: from n/a up to 0.5.6.1. The CVSS 3.1 base score is 5.9 (Medium) with impact on confidentiality, integrity, and availability (C/L/I/A)....
CVE-2024-33642 WordPress Advanced Post List plugin <= 0.5.6.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EkoJR Advanced Post List allows Stored XSS. This issue affects Advanced Post List: from n/a through 0.5.6.1...
WordPress Advanced Post List Plugin <= 0.5.6.1 is vulnerable to Cross Site Scripting (XSS)
Software: Advanced Post List; Type: Plugin; Vulnerable versions: <= 0.5.6.1; Fixed in: 0.5.6.2; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-33642; Patch priority: Low; CVSS severity: Low (5.9); PSID: 93b608a88e7f; Credits: emad; Required privilege...
CVE-2023-33642
H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Edit_BasicSSID interface at /goform/aspForm...
CVE-2023-33642
CVE-2023-33642 affects the H3C Magic R300 device, specifically version R300-2100MV100R004, where a stack overflow is triggered via the Edit_BasicSSID interface at /goform/aspForm. The root cause is boundary checking/stack overflow in the affected endpoint. The available sources describe the impac...
Huawei EulerOS: Security Advisory for byacc (EulerOS-SA-2023-1778)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for byacc (EulerOS-SA-2023-1756)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP11 : byacc (EulerOS-SA-2023-1778)
According to the versions of the byacc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory use...
SUSE CVE-2021-33642
When a file is processed, an infinite loop occurs in next_inline of the more_curly function...
CVE-2021-33642
When a file is processed, an infinite loop occurs in next_inline of the more_curly function...