26 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-35133
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A cross-site scripting (XSS) vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into th...
CVE-2021-35133
Use after free in the synx driver issue while performing other functions during multiple invocation of synx release calls in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2020-35133
IrfanView 4.56 contains an error when parsing files of type .pcx, which leads to an out-of-bounds write at iview32+0xdb60...
IBM Security Verify Access 10.0.0 - Open Redirect during OAuth Flow
Exploit Title: IBM Security Verify Access 10.0.0 - Open Redirect during OAuth Flow; 0. Overview; 1. Detailed Description; 2. Proof Of Concept; 3. Solution; 4. Disclosure Timeline; 5. References; 6. Credits; 7. Legal Notices...
CVE-2024-35133
| creationtimestamp | type | source |
|---|---|---|
| 2024-08-29 20:24:32+00:00 | seen | https://t.me/cvedetector/4434... |
Mageia: Security Advisory (MGASA-2024-0074)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Updated cherrytree packages fix security vulnerability
A cross-site scripting (XSS) vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node. CVE-2022-35133...
Fedora 37 : moodle (2023-ce24b63b36)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ce24b63b36 advisory. Fix for several CVEs. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not test...
Fedora 38 : moodle (2023-3ca351353f)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3ca351353f advisory. Fix for several CVEs. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not test...
CVE-2023-35133
An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions...
CVE-2023-35133 Moodle: SSRF risk due to insufficient check on the cURL blocked hosts
An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions...
Moodle Multiple Vulnerabilities (MSA-23-0017, MSA-23-0018)
Moodle is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle"; if(description)...
CVE-2023-35133 Moodle: SSRF risk due to insufficient check on the cURL blocked hosts
An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions...
CVE-2023-35133
The CVE-2023-35133 issue is a Moodle SSRF risk caused by an incorrect check of 0.0.0.0 against the curl blocked hosts lists. Affected Moodle versions include 4.2 and 4.1.x up to 4.1.3, 4.0.x up to 4.0.8, 3.11.x up to 3.11.14, 3.9.x up to 3.9.21, and earlier unsupported releases. The connected OSV...
openSUSE 15 Security Update : cherrytree (openSUSE-SU-2022:10230-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:10230-1 advisory. - A cross-site scripting (XSS) vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2021-35133
Use after free in the synx driver issue while performing other functions during multiple invocation of synx release calls in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2021-35133
CVE-2021-35133 refers to a use-after-free in the synx driver within Qualcomm Snapdragon components (Connectivity, Industrial IOT, Mobile). The issue occurs during multiple invocations of synx release calls, i.e., a use-after-free in a driver path. Impact is described as high for confidentiality, ...
CVE-2022-35133
A cross-site scripting (XSS) vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node...