Important Photon OS Security Update - PHSA-2026-5.0-0846

Updates of 'linux', 'linux-esx' packages of Photon OS have been released...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +935 more potentially affected by CVE-2026-0846 via nltk (>=2.0.4 <=3.9.2)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0846 Source advisory: OSV:GHSA-H8WQ-7XC4-P3QX...

CVE-2026-0846

A flaw was found in the nltk component. This vulnerability, specifically within the filestring function of the nltk.util module, allows an attacker to perform arbitrary file reads. By providing specially crafted input paths, either absolute or using directory traversal, an attacker can bypass inp...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +935 more potentially affected by CVE-2026-0846 via nltk (>=2.0.4 <=3.9.2)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0846 Source advisory: OSV:PYSEC-2026-97...

CVE-2019-0846

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0847, CVE-2019-0851, CVE-2019-0877, CVE-2019-0879...

CVE-2025-0846

A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2025-0846

creationtimestamp| type| source ---|---|--- 2025-01-30 00:16:39+00:00| seen| https://infosec.exchange/users/cve/statuses/113914426084209350 2025-01-30 01:15:36+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgwcowhqf22t 2025-01-30 01:30:26+00:00|...

CVE-2025-0846 1000 Projects Employee Task Management System AdminLogin.php sql injection

A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2025-0846 1000 Projects Employee Task Management System AdminLogin.php sql injection

A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2023-0846

creationtimestamp| type| source ---|---|--- 2024-04-09 20:21:31+00:00| seen| https://t.me/arpsyndicate/4414...

SUSE: Security Advisory (SUSE-SU-2023:0846-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : xen (SUSE-SU-2023:0846-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0846-1 advisory. - x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work XSA-254, one...

Debian: Security Advisory (DLA-206-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-0846

CVE-2023-0846 is an unauthenticated, stored cross-site scripting vulnerability in OpenNMS Horizon and Meridian, affecting the display of alarm reduction keys. The root cause is described as inadequate protection of the web page structure, enabling an attacker to access confidential session inform...

CVE-2023-0846 Unauthenticated, stored XSS in display of alarm reduction-key

Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horizon...

SUSE CVE-2009-0846

The asn1decodegeneraltime function in lib/krb5/asn.1/asn1decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 aka krb5 before 1.6.4 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via vectors involving an invalid DER encoding that...

django-kb (>=0.1.0 <=0.2.0) potentially affected by CVE-2015-0846 via django-markupfield (=1.2.1)

django-markupfield PYPI version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on django-markupfield and may be impacted: - django-kb =0.1.0, =0.2.0 Source cves: CVE-2015-0846 Source advisory: OSV:GHSA-WXMR-7XJV-8XQW...

CVE-2022-0846

creationtimestamp| type| source ---|---|--- 2022-03-28 22:42:02+00:00| seen| https://t.me/cibsecurity/39671 2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26 2025-05-10 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities -...

CVE-2022-0846

CVE-2022-0846 affects the WordPress plugin SpeakOut! Email Petitions up to version 2.14.15.1. The vulnerability is due to improper sanitisation/escaping of the id parameter used in the SQL statement within the dk_speakout_sendmail AJAX action, allowing unauthenticated SQL injection. Exploitation ...

CVE-2019-0846

The CVE-2019-0846 entry concerns a remote code execution vulnerability in the Microsoft Windows Jet Database Engine. Connected sources describe the root cause as improper handling of objects in memory within the Jet Database Engine, enabling arbitrary code execution when a victim opens a crafted ...