9 matches found
CVE-2025-14224
A vulnerability was found in Yottamaster DM2, DM3 and DM200 up to 1.2.23/1.9.12. Affected by this issue is some unknown functionality of the component File Upload. Performing manipulation results in path traversal. Remote exploitation of the attack is possible. The exploit has been made public an...
WordPress Talemy Theme <= 1.2.23 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme Talemy versions <= 1.2.23...
CVE-2025-24587 WordPress Email Subscription Popup plugin <= 1.2.23 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nks Email Subscription Popup email-subscribe allows Blind SQL Injection. This issue affects Email Subscription Popup: from n/a through <= 1.2.23...
PT-2022-6138
Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.23 Description: A command injection vulnerability in Cacti allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The...
Updated tomcat packages fix security vulnerabilities
Updated tomcat packages fix security vulnerabilities: The HTTP/2 implementation accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet...
xmlsec XML External Entity Injection Vulnerability
xmlsec is a C-based library for implementing XML security standards. An XML external entity injection vulnerability exists in xmlsec 1.2.23 and earlier versions. An attacker could exploit this vulnerability to obtain information or cause a denial of service with the help of a specially crafted...
UBUNTU-CVE-2017-1000061
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service...
PT-2017-4096 · Aleksey Sanin +4 · Xmlsec +4
Name of the Vulnerable Software and Affected Versions: xmlsec versions 1.2.23 and earlier Description: The issue is related to the incorrect restriction of XML links to external objects in the xmlsec crypt library. This can allow a remote attacker to impact the confidentiality and availability of...
CVE-1999-1085
SSH 1.2.25, 1.2.23, and other versions, when used in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and computing a valid CRC-32 checksum...