CVE-2026-8423

creationtimestamp| type| source ---|---|--- 2026-05-21 10:32:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mme7qbsx7a2i...

MiracleLinux 9 : rpm-ostree-2024.3-3.el9_4 (AXSA:2024-8423:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8423:04 advisory. rpm-ostree: world-readable /etc/shadow file 9.4.z JIRA:RHEL-31852 CVE-2024-2905 A security vulnerability has been discovered within rpm-ostree, pertaining to...

WordPress My WP Translate plugin <= 1.1 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Option Read and Deletion vulnerability

Authenticated Subscriber+ Missing Authorization to Arbitrary Option Read and Deletion vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin My WP Translate versions = 1.1...

CVE-2020-8423

TP-Link TL-WR841N V10 (firmware 3.16.9) is affected by CVE-2020-8423 due to a buffer overflow in the httpd daemon. The flaw permits an authenticated remote attacker to execute arbitrary code by sending a GET request to the Wi‑Fi network configuration page. Affected component: httpd daemon on the ...

CVE-2019-8423

CVE-2019-8423 affects ZoneMinder up to version 1.32.3. The vulnerability is an SQL injection in the skins/classic/views/events.php file, triggered by the filter[Query][terms][0][cnj] parameter. The root cause is unsafely handled user input leading to database query manipulation. Documented impact...

Microsoft Zero-Day Patch for JET Bug Incomplete, Claims Firm

UPDATE Microsoft patched a zero-day in its JET Database Engine this week – but the patch was incomplete, according to researchers at 0patch. The company has developed a micropatch that corrects that hole, it said Friday. The memory corruption vulnerability CVE-2018-8423 could allow remote...

Patch Tuesday, October 2018 Edition

Microsoft this week released software updates to fix roughly 50 security problems with various versions of its Windows operating system and related software, including one flaw that is already being exploited and another for which exploit code is publicly available. The zero-day bug --...

CVE-2018-8423

CVE-2018-8423 : A remote code execution vulnerability exists in the Microsoft JET Database Engine. The issue affects Windows client/server family (Windows 7, 8.1, 10; Windows Server 2008/2012/2016/2019 and R2 variants). The root cause is within the JET Database Engine component; exploitation requ...

CVE-2018-8423

creationtimestamp| type| source ---|---|--- 2018-10-10 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=331 2018-10-10 14:13:18+00:00| seen| MISP/5bbe07fe-9cac-49a1-9527-323a0a021402 2018-12-31 09:35:34+00:00| seen|...

Microsoft Windows Multiple Vulnerabilities (KB4462922)

This host is missing a critical security update according to Microsoft KB4462922 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4462923)

This host is missing a critical security update according to Microsoft KB4462923 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Description of the security update for the remote code execution vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009: October 9, 2018

Description of the security update for the remote code execution vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009: October 9, 2018 Summary A remote code execution vulnerability exists in the Microsoft JET Database Engine. To learn more about the vulnerability, go...

KLA11889 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An elevation...

SRC-2018-0029 : Microsoft Windows Jet Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

CVE-2014-8423

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vap2500toolscommandexec.rb 2025-02-06 03:13:42+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:32+00:00| seen...

CVE-2016-8423

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

openSUSE Security Update : flash-player (openSUSE-2015-882)

This update for flash-player to version 11.2.202.554 fixes the following security issues in Adobe security advisory APSB15-32. - These updates resolve heap buffer overflow vulnerabilities that could lead to code execution CVE-2015-8438, CVE-2015-8446. - These updates resolve memory corruption...

CVE-2015-8423

creationtimestamp| type| source ---|---|--- 2015-12-18 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39047...

CVE-2015-8423

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...

Design/Logic Flaw

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...