Important Photon OS Security Update - PHSA-2026-4.0-0974

Updates of 'libssh', 'linux' packages of Photon OS have been released...

CVE-2026-0974

creationtimestamp| type| source ---|---|--- 2026-02-19 17:16:25+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfa3vhbge52c...

CVE-2024-0974

The Social Media Widget WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2020-0974

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0931, CVE-2020-0932,...

CVE-2025-0974

A vulnerability was determined in MaxD Lightning Module 4.43/4.44 on OpenCart. This issue affects some unknown processing. Executing a manipulation of the argument liop/md can lead to deserialization. The attack may be launched remotely. The attack requires a high level of complexity. The...

CVE-2025-0974

A vulnerability was determined in MaxD Lightning Module 4.43/4.44 on OpenCart. This issue affects some unknown processing. Executing a manipulation of the argument liop/md can lead to deserialization. The attack may be launched remotely. The attack requires a high level of complexity. The...

CVE-2025-0974 MaxD Lightning Module deserialization

A vulnerability was determined in MaxD Lightning Module 4.43/4.44 on OpenCart. This issue affects some unknown processing. Executing a manipulation of the argument liop/md can lead to deserialization. The attack may be launched remotely. The attack requires a high level of complexity. The...

CVE-2024-0974

creationtimestamp| type| source ---|---|--- 2024-07-12 09:23:25+00:00| seen| https://t.me/cvedetector/714...

CVE-2024-0974 Social Media Widget < 4.0.9 - Admin+ Stored XSS

The Social Media Widget WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-0974 Social Media Widget < 4.0.9 - Admin+ Stored XSS

The Social Media Widget WordPress plugin before 4.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

AlmaLinux 8 : postgresql:12 (ALSA-2024:0974)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0974 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block directly...

Oracle Linux 8 : postgresql:12 (ELSA-2024-0974)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0974 advisory. pgaudit 1.4.0-7 - Release bump to avoid regression in nvrs - Resolves: RHEL-24969 pgrepack postgres-decoderbufs postgresql 12.18-1.0.1 - Update to version 12.18...

RHEL 8 : postgresql:12 (RHSA-2024:0974)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0974 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

SUSE CVE-2022-0974

Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-0974

creationtimestamp| type| source ---|---|--- 2022-07-22 02:18:32+00:00| seen| https://t.me/cibsecurity/46777...

CVE-2022-0974

Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-0974

Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-0974

CVE-2022-0974 pertains to Google Chrome on Chrome OS prior to 99.0.4844.74, where a use-after-free in Splitscreen can be triggered by a crafted HTML page after user interaction, potentially enabling heap corruption and remote code execution. The issue is documented across multiple sources (NVD de...

Mageia: Security Advisory (MGASA-2022-0107)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0085-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0085-1 advisory. - Use after free in Blink Layout. CVE-2022-0971 - Use after free in Extensions. CVE-2022-0972 - Use after free in Safe Browsing...