9 matches found
CLEANSTART-2026-WH33500 CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs
Multiple security vulnerabilities affect the atlantis-fips package. The CombinedMult function in the CIRCL ecc/p384 package secp384r1 curve produces an incorrect value for specific inputs. See references for individual vulnerability details...
CVE-2025-69048
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through = 3.8.4...
CVE-2026-23840
creationtimestamp| type| source ---|---|--- 2026-01-19 19:42:12+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcsfllxkv62w 2026-01-19 19:42:34+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcsfmapvdc2n 2026-01-19 22:03:07+00:00| seen|...
WordPress Universal Video Player plugin <= 3.8.4 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Universal Video Player versions = 3.8.4...
Amazon Linux 2 : sox, --advisory ALAS2-2025-3032 (ALAS-2025-3032)
The version of sox installed on the remote host is prior to 14.4.1-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3032 advisory. A floating point exception divide-by-zero issue was discovered in SoX in functon startread of wav.c file. An attacker with a crafted w...
September 9, 2025—KB5065427 (OS Build 14393.8422)
September 9, 2025—KB5065427 OS Build 14393.8422 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the...
BIT-LIBPYTHON-2020-15801
In Python 3.8.4, sys.path restrictions specified in a python38.pth file are ignored, allowing code to be loaded from arbitrary locations. The .pth file e.g., the python.pth file is not affected...
UBUNTU-CVE-2025-22145
Carbon is an international PHP extension for DateTime. Application passing unsanitized user input to Carbon::setLocale are at risk of arbitrary file include, if the application allows users to upload files with .php extension in an folder that allows include or require to read it, then they are a...
Python has an unspecified vulnerability
Python is an open source, object-oriented programming language from the Python Software Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python version 3.8.4, which stems from the program's failure to enforc...