Linux Distros Unpatched Vulnerability : CVE-2026-7233

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component...

CVE-2026-7233 Artifex MuPDF CFF Index subset-cff.c fz_subset_cff_for_gids out-of-bounds

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

CVE-2019-7233

In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference...

EUVD-2025-7233

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-7233

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference. CVE-2019-7233 Note that Nessus relies on the presence of the package as...

CVE-2025-7233 IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in th...

CVE-2025-7233

creationtimestamp| type| source ---|---|--- 2025-07-08 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-494/...

CVE-2013-7233

Cross-site request forgery CSRF vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list...

CVE-2015-7233

Cross-site request forgery CSRF vulnerability in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Import module is enabled, allows remote attackers to hijack the authentication of administrators for requests that create new OSF datasets via unspecified vectors...

Ubuntu 16.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7233-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7233-3 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

CVE-2024-7233

Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system ...

CVE-2024-7233 Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability

Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system ...

RHEL 6 : django (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-django: DNS rebinding vulnerability when 'DEBUG=True' CVE-2016-9014 - Django before 1.4.21, 1.5.x...

RHEL 6 : python-django (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-django: DNS rebinding vulnerability when 'DEBUG=True' CVE-2016-9014 - Django 1.10 before 1.10.7, 1...

WordPress GigPress Plugin <= 2.3.29 is vulnerable to Cross Site Scripting (XSS)

Software GigPress Type Plugin Vulnerable versions = 2.3.29 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-7233 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c045bab20df5 Credits Bob Matyas Required privilege...

CVE-2023-7233

creationtimestamp| type| source ---|---|--- 2024-02-12 17:22:06+00:00| seen| https://t.me/ctinow/183279...

CVE-2023-7233

The GigPress WordPress plugin through 2.3.29 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-7233

CVE-2023-7233 affects the GigPress WordPress plugin up to version 2.3.29. Affected component: plugin settings not sanitised/escaped, enabling Stored Cross-Site Scripting by high-privilege users (e.g., Administrators) even when unfiltered_html is disallowed (multisite scenarios). Documented detail...

CVE-2023-7233 GigPress <= 2.3.29 - Admin+ Stored Cross Site Scripting

The GigPress WordPress plugin through 2.3.29 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...