SUSE: Security Advisory (SUSE-SU-2026:0975-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RockyLinux 10 : glib2 (RLSA-2026:0975)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0975 advisory. glib: Integer overflow in in gescapeuristring CVE-2025-13601 Tenable has extracted the preceding description block directly from the RockyLinux security advisory...

CVE-2026-0975

Delta Electronics DIAView has Command Injection vulnerability...

CVE-2026-0975

Delta Electronics DIAView has Command Injection vulnerability...

CVE-2026-0975

CVE-2026-0975 affects Delta Electronics DIAView. ZDI-26-049 describes a remote-code-execution via the DIAView script component where scripts inside a DIAView project aren’t properly restricted. The flaw allows arbitrary code execution in the context of the current process when a user opens/runs a...

CVE-2026-0975 DIAView - Command Injection Vulnerability

Delta Electronics DIAView has Command Injection vulnerability...

CVE-2020-0975

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0976, CVE-2020-0977...

IBM MQ Command Injection (7184342)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7184342 advisory. - IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters. CVE-2025-0975...

CVE-2025-0975

creationtimestamp| type| source ---|---|--- 2025-02-28 03:26:33+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5831 2025-02-28 04:00:37+00:00| seen| Telegram/hWtHpVPiv2Ll8ElDjrWn7knw1cB4w99LrKbSPFUZG8rmH1w 2025-02-28 05:19:12+00:00| seen| https://t.me/cvedetector/19115 2025-02-28...

CVE-2025-0975 IBM MQ code execution

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters...

CVE-2025-0975 IBM MQ code execution

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters...

CVE-2025-0975

CVE-2025-0975 affects IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console and is caused by improper neutralization of escape characters. An authenticated user could execute code on vulnerable installations. The issue is confirmed in IBM MQ console components; no exploitation specifics are provide...

Security Bulletin: IBM MQ Console is affected by a command injection vulnerability (CVE-2025-0975)

Summary IBM MQ has addressed a command injection vulnerability in the MQ Console Vulnerability Details CVEID:CVE-2025-0975 DESCRIPTION: IBM MQ console could allow an authenticated user to execute code due to improper neutralization of escape characters. CWE:CWE-150: Improper Neutralization of...

Security Bulletin: IBM MQ Appliance Console is affected by code injection vulnerability (CVE-2025-0975)

Summary IBM MQ Appliance has addressed a code injection vulnerability in the IBM MQ Console. Vulnerability Details CVEID:CVE-2025-0975 DESCRIPTION: IBM MQ console could allow an authenticated user to execute code due to improper neutralization of escape characters. CWE:CWE-150: Improper...

OpenNMS Authenticated XXE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'OpenNMS Authenticated XXE', 'Description' = %q OpenNMS is vulnerable to XML External Entity Injection in the Real-Time Console...

SUSE: Security Advisory (SUSE-SU-2024:0975-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rocky Linux 8 : postgresql:13 (RLSA-2024:0975)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0975 advisory. - Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer...

WordPress WordPress Access Control Plugin <= 4.0.13 is vulnerable to Sensitive Data Exposure

Software WordPress Access Control Type Plugin Vulnerable versions = 4.0.13 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-0975 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6f6e7407c536 Credits Francesco Carlucci...

Oracle Linux 8 : postgresql:13 (ELSA-2024-0975)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0975 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 13.14-1.0.1 - update to 13.14 - Fixes CVE-2024-0985 Tenable has extracted the preceding description block...

RHSA-2024:0975

creationtimestamp| type| source ---|---|--- 2024-02-26 05:16:39+00:00| seen| https://t.me/ctinow/193085...