37 matches found
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : libcaca vulnerability (USN-8318-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8318-1 advisory. It was discovered that libcaca incorrectly handled certain malformed files. An attacker could use this issue to cause libcaca to...
CVE-2026-8318
A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929decba. Affected by this vulnerability is the function toctransformer of the file pageindex/pageindex.py of the component PDF Table of Contents Handler. The manipulation results in infinite loop. Th...
CVE-2026-8318
The vulnerability affects VectifyAI PageIndex (PDF Table of Contents Handler) specifically the toc_transformer in pageindex/page_index.py. The issue causes an infinite loop due to the underlying manipulation, and is described as exploitable remotely. The description notes rolling releases with no...
CVE-2025-8318 Jobify <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via keyword Parameter
The Jobify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘keyword’ parameter in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2025-8318 Jobify <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via keyword Parameter
The Jobify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘keyword’ parameter in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
WordPress Jobify - Job Board WordPress Theme Theme <= 1.4.4 is vulnerable to Cross Site Scripting (XSS)
Software Jobify - Job Board WordPress Theme Type Theme Vulnerable versions = 1.4.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2025-8318 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID edb43386dd8c Credits Muhammad...
MAL-2025-8318 Malicious code in @lbnqduy/animated-octo-enigma (npm)
The package @lbnqduy/animated-octo-enigma was found to contain malicious code...
CVE-2019-8318
creationtimestamp| type| source ---|---|--- 2025-07-08 21:02:34+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lti75iqe7f2q...
CVE-2024-8318
creationtimestamp| type| source ---|---|--- 2024-09-04 11:03:22+00:00| seen| https://t.me/cvedetector/4777...
CVE-2024-8318 Attributes for Blocks <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via attributesForBlocks Parameter
The Attributes for Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributesForBlocks’ parameter in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress Attributes for Blocks Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)
Software Attributes for Blocks Type Plugin Vulnerable versions = 1.0.6 Fixed in 1.0.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8318 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 29a794b4ba36 Credits Francesco Carlucci...
Oracle Linux 9 : libldb (ELSA-2022-8318)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-8318 advisory. - resolves: rhbz2109017 - Fix CVE-2022-32746 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
CVE-2020-8318
A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with elevated privileges...
CVE-2020-8318
A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with elevated privileges...
CVE-2020-8318
The CVE-2020-8318 entry describes a privilege-escalation vulnerability in Lenovo System Interface Foundation, specifically in the LenovoSystemUpdatePlugin, which could allow an authenticated user to execute code with elevated privileges. Affected stack includes Lenovo System Interface Foundation ...
Lenovo Vantage Vulnerabilities - Lenovo Support US
No description provided...
Lenovo Vantage Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-30401 Potential Impact: Escalation of Privilege, Improper Verification of Cryptographic Signature, Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2020-8316, CVE-2020-8318, CVE-2020-8319, CVE-2020-8324, CVE-2020-8327 Summary Description: The...
CVE-2019-8318
CVE-2019-8318 concerns D-Link DIR-878 devices (firmware 1.12A1) with a command injection vulnerability. The issue arises when an HNAP API function triggers a call to the twsystem function using untrusted input from the request body, specifically via the SetSysEmailSettings API and illustrated by ...
openSUSE: Security Advisory for mysql-community-server (openSUSE-SU-2017:0618-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : mysql-community-server (openSUSE-2017-315)
mysql-community-server was updated to version 5.6.35 to fix bugs and security issues : - Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 35.html - Fixed CVEs: CVE-2016-8318 boo1020872, CVE-2017-3312 boo1020873, CVE-2017-3258 boo1020875, CVE-2017-3273 boo1020876, CVE-2017-3244...