Fedora 42 : plantuml (2026-0d819a3a70)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0d819a3a70 advisory. Update to version 1.2026.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

Fedora 43 : plantuml (2026-e25e1b1d0f)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e25e1b1d0f advisory. Update to version 1.2026.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

Fedora: Security Advisory (FEDORA-2026-e25e1b1d0f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-0858

creationtimestamp| type| source ---|---|--- 2026-01-16 08:18:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcjnxolaze2o 2026-02-09 11:49:07+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3megewvzo3k23...

ba.sake:hepek-components_2.12 (>=0.7.0 <=0.8.0), ba.sake:hepek-components_2.13 (>=0.7.0 <=0.9.0) +323 more potentially affected by CVE-2026-0858 via net.sourceforge.plantuml:plantuml (>=1.2017.12 <=1.2025.7)

net.sourceforge.plantuml:plantuml MAVEN version =1.2017.12, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.0.2, =0.0.1, =0.0.59, =0.0.46, =0.0.46, =1.4.0, =2.0.0-M4 and more Source cves: CVE-2026-0858 Source advisory: OSV:GHSA-HRVF-G648-RF3M...

CVE-2026-0858

Versions of the package net.sourceforge.plantuml:plantuml before 1.2026.0 are vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams. As a result, a crafted PlantUML diagram can inject malicious JavaScript into generated SVG output, leading to...

CVE-2026-0858

Versions of the package net.sourceforge.plantuml:plantuml before 1.2026.0 are vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams. As a result, a crafted PlantUML diagram can inject malicious JavaScript into generated SVG output, leading to...

ba.sake:hepek-components_2.12 (>=0.7.0 <=0.8.0), ba.sake:hepek-components_2.13 (>=0.7.0 <=0.9.0) +323 more potentially affected by CVE-2026-0858 via net.sourceforge.plantuml:plantuml (>=1.2017.12 <=1.2025.7)

net.sourceforge.plantuml:plantuml MAVEN version =1.2017.12, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.0.2, =0.0.1, =0.0.59, =0.0.46, =0.0.46, =1.4.0, =2.0.0-M4 and more Source cves: CVE-2026-0858 Source advisory: SNYK:JAVA-NETSOURCEFORGEPLANTUML-14552230...

CVE-2012-0858

The Shorten codec shorten.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary...

CVE-2025-0858 Certain Poly Devices – Path Traversal Vulnerability - Arbitrary File Access by Unauthorized User

A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure...

CVE-2025-0858

The CVE-2025-0858 entry is about Poly Edge E firmware up to version 8.2.1.0820 where a path traversal flaw could disclose information. The root cause is the firmware not properly preventing path traversal. Affected products are Poly Edge E devices; impact is information disclosure. The exploited ...

CVE-2025-0858 Certain Poly Devices – Path Traversal Vulnerability - Arbitrary File Access by Unauthorized User

A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure...

WordPress Innovs HR Plugin <= 1.0.3.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Innovs HR Type Plugin Vulnerable versions = 1.0.3.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0858 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 1fae1c140215 Credits Sushil Phuyal Required...

CVE-2024-0858

creationtimestamp| type| source ---|---|--- 2024-03-18 20:26:49+00:00| seen| https://t.me/ctinow/210914...

CVE-2024-0858

The Innovs HR WordPress plugin through 1.0.3.4 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as adding them as employees...

CVE-2024-0858 Innovs HR <= 1.0.3.4 - Employee Creation via CSRF

The Innovs HR WordPress plugin through 1.0.3.4 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as adding them as employees...

CVE-2023-0858

creationtimestamp| type| source ---|---|--- 2023-05-11 16:15:24+00:00| seen| https://t.me/cibsecurity/63879...

CVE-2023-0858

Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger unauthorized access to the product. :Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier...

CVE-2023-0858

CVE-2023-0858 corresponds to an improper authentication flaw in the RemoteUI of Canon Office/Small Office/MFD printers. Affected firmware: 11.04 and earlier across multiple model lines and regions (e.g., Satera LBP660C/LBP620C/MF740C/MF640C; Color imageCLASS LBP660C/LBP620C/X LBP1127C/MF740C/MF64...

CVE-2023-0858

Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger unauthorized access to the product. :Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier...