22 matches found
ROOT-OS-UBUNTU-2404-CVE-2025-37933 CVE-2025-37933 in rootio-linux - Patched by Root
Root has patched CVE-2025-37933 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37933)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37933 advisory. - In the Linux kernel, the following vulnerability has been resolved: octeonep: Fix host hang issue during...
MAL-2025-37933 Malicious code in uranium-honey-gdq469-project (npm)
The package uranium-honey-gdq469-project was found to contain malicious code...
CVE-2025-37933 affecting package kernel for versions less than 6.6.92.2-1
CVE-2025-37933 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-37933
An improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability CWE-79 in FortiADC GUI version 7.4.0, 7.2.0 through 7.2.1 and before 7.1.3 allows an authenticated attacker to perform an XSS attack via crafted HTTP or HTTPS requests...
CVE-2023-37933
creationtimestamp | type | source
---|---|---
2025-03-11 15:48:20+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114144582033933632
2025-03-13 16:20:05+00:00 | seen | https://t.me/truesecator/6837
...
CVE-2023-37933
An improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability CWE-79 in FortiADC GUI version 7.4.0, 7.2.0 through 7.2.1 and before 7.1.3 allows an authenticated attacker to perform an XSS attack via crafted HTTP or HTTPS requests...
CVE-2023-37933
An improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability CWE-79 in FortiADC GUI version 7.4.0, 7.2.0 through 7.2.1 and before 7.1.3 allows an authenticated attacker to perform an XSS attack via crafted HTTP or HTTPS requests...
CVE-2023-37933
CVE-2023-37933 is an XSS vulnerability in Fortinet FortiADC GUI. Affected software: FortiADC GUI versions 7.4.0, 7.2.0 through 7.2.1, and before 7.1.3. Root cause: improper neutralization of input during web page generation (CWE-79). Attack scenario: an authenticated attacker can trigger the XSS ...
CVE-2023-37933
An improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability CWE-79 in FortiADC GUI version 7.4.0, 7.2.0 through 7.2.1 and before 7.1.3 allows an authenticated attacker to perform an XSS attack via crafted HTTP or HTTPS requests...
CVE-2024-37933
creationtimestamp | type | source
---|---|---
2024-07-12 16:56:16+00:00 | seen | https://t.me/cvedetector/750
...
CVE-2024-37933
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in anhvnit Woocommerce OpenPos. This issue affects Woocommerce OpenPos: from n/a through 6.4.4...
CVE-2024-37933 WordPress Woocommerce OpenPos plugin <= 6.4.4 - Unauthenticated SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in anhvnit Woocommerce OpenPos. This issue affects Woocommerce OpenPos: from n/a through 6.4.4...
CVE-2024-37933 WordPress Woocommerce OpenPos plugin <= 6.4.4 - Unauthenticated SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in anhvnit Woocommerce OpenPos. This issue affects Woocommerce OpenPos: from n/a through 6.4.4...
CVE-2024-37933
CVE-2024-37933 is a confirmed, active SQL injection affecting Woocommerce OpenPos for WordPress (Openpos) up to version 6.4.4. The vulnerability arises from improper neutralization of input in SQL commands, enabling an unauthenticated attacker to potentially access or alter data over the network....
WordPress Woocommerce OpenPos Plugin <= 6.4.4 is vulnerable to SQL Injection
Software: Woocommerce OpenPos; Type: Plugin; Vulnerable versions: <= 6.4.4; Fixed in: 7.0.1; OWASP Top 10: A3: Injection; Classification: SQL Injection; CVE: CVE-2024-37933; Patch priority: High; CVSS severity: High (9.3); PSID: ffbf45a16888; Credits: Dave Jong Patchstack; Required privilege...
CVE-2022-37933
HPE Superdome Flex and Superdome Flex 280 servers are affected by CVE-2022-37933. Affects: HPE Superdome Flex firmware 3.60.50 and below; HPE Superdome Flex 280 firmware 1.40.60 and below. Issue causes local unauthorized data injection. Remediation: upgrade to firmware versions above 3.60.50 (for...
CVE-2022-37933
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware...
CVE-2021-37933
creationtimestamp | type | source
---|---|---
2021-10-14 20:27:43+00:00 | seen | https://t.me/cibsecurity/30579
...
CVE-2021-37933
An LDAP injection vulnerability in /account/login in Huntflow Enterprise before 3.10.6 could allow an unauthenticated, remote user to modify the logic of an LDAP query and bypass authentication. The vulnerability is due to insufficient server-side validation of the email parameter before using it...