openSUSE Security Advisory (SUSE-SU-2026:0870-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-0870 GIGABYTE｜MacroHub - Local Privilege Escalation

MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges...

CVE-2021-0870

In RWSetActivatedTagType of rwmain.cc, there is possible memory corruption due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11...

CVE-2022-0870

Server-Side Request Forgery SSRF in GitHub repository gogs/gogs prior to 0.12.5...

CVE-2018-0870

creationtimestamp| type| source ---|---|--- 2025-08-31 03:01:29+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d...

CVE-2025-0870

creationtimestamp| type| source ---|---|--- 2025-01-30 13:03:49+00:00| seen| https://infosec.exchange/users/cve/statuses/113917442697196319 2025-01-30 13:15:41+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxkwk7fez2b 2025-03-02 11:46:29+00:00| seen|...

CVE-2025-0870 Axiomatic Bento4 Ap4DataBuffer.h GetData heap-based overflow

A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of ...

CentOS 7 : python-flask (RHSA-2020:0870)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0870 advisory. - The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory...

CVE-2024-0870

The YITH WooCommerce Gift Cards plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'savemailstatus' and 'saveemailsettings' functions in all versions up to, and including, 4.12.0. This makes it possible for unauthenticated attackers to...

WordPress YITH WooCommerce Gift Cards Plugin <= 4.12.0 is vulnerable to Broken Access Control

Software YITH WooCommerce Gift Cards Type Plugin Vulnerable versions = 4.12.0 Fixed in 4.13.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-0870 Patch priority Low CVSS severity Low 5.3 Developer YITH PSID 8dd8ed435d7e Credits Francesco Carlucci Required...

SUSE: Security Advisory (SUSE-SU-2024:0870-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 5 : java-1.4.2-ibm-sap (RHSA-2011:0870)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0870 advisory. - JDK unspecified vulnerability in Deployment component CVE-2010-4447, CVE-2010-4466, CVE-2010-4475 - OpenJDK DNS cache poisoning by untrust...

openSUSE Security Advisory (SUSE-SU-2024:0870-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Trane Tracer SC Sensitive Information Disclosure (CVE-2016-0870)

The web server in Trane Tracer SC 4.2.1134 and earlier allows remote attackers to read sensitive configuration files via a direct request. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

CVE-2023-0870 Form Can Be Manipulated with Cross-Site Request Forgery (CSRF)

A form can be manipulated with cross-site request forgery in multiple versions of OpenNMS Meridian and Horizon. This can potentially allow an attacker to gain access to confidential information and compromise integrity. The solution is to upgrade to Meridian 2023.1.1 or Horizon 31.0.6 or newer...

CVE-2023-0870

OpenNMS Meridian and Horizon are affected by a CSRF vulnerability that allows form manipulation potentially compromising confidentiality and integrity. The issue affects Meridian and Horizon versions prior to the fixed releases: Meridian 2023.1.1 and Horizon 31.0.6 (or newer). Root cause details ...

RHEL 7 / 8 : OpenShift Container Platform 4.7.45 (RHSA-2022:0870)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0870 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

Gogs < 0.12.5 Multiple Vulnerabilities

Gogs is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribu...

CVE-2022-0870

creationtimestamp| type| source ---|---|--- 2022-03-11 14:14:36+00:00| seen| https://t.me/cibsecurity/38779...

CVE-2022-0870

Server-Side Request Forgery SSRF in GitHub repository gogs/gogs prior to 0.12.5...