MiracleLinux 8 : thunderbird-128.11.0-1.el8_10.ML.1 (AXSA:2025-10026:12)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10026:12 advisory. thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link CVE-2025-3909 thunderbird: Sender Spoofing via Malformed From Header...

EUVD-2016-10446

Malware in sbrugna...

CVE-2025-10026 itsourcecode POS Point of Sale System -complex_header.php cross site scripting

A vulnerability was found in itsourcecode POS Point of Sale System 1.0. Affected by this vulnerability is an unknown functionality of the file /inventory/main/vendors/datatables/unittesting/templates/-complexheader.php. The manipulation of the argument scripts results in cross site scripting. It ...

Linux Distros Unpatched Vulnerability : CVE-2016-10026

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI...

Oracle Linux 8 : python3.11 (ELSA-2025-10026)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10026 advisory. 3.11.13-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.13-1 - Update to 3.11.13 - Security fixes for CVE-2025-4517, CVE-2025-4330,...

CVE-2015-10026

A vulnerability was found in tiredtyrant flairbot. It has been declared as critical. This vulnerability affects unknown code of the file flair.py. The manipulation leads to sql injection. The patch is identified as 5e112b68c6faad1d4699d02c1ebbb7daf48ef8fb. It is recommended to apply a patch to fi...

AZL-56201 CVE-2024-10026 affecting package podman for versions less than 5.6.1-2

A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances...

CVE-2024-10026

A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances...

CVE-2024-10026

A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances...

UBUNTU-CVE-2024-10026

A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances...

CVE-2024-10026

creationtimestamp| type| source ---|---|--- 2025-01-30 19:18:24+00:00| seen| https://infosec.exchange/users/cve/statuses/113918915619723013 2025-01-30 20:15:49+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgycfsas6y2f 2025-01-30 22:38:19+00:00| seen|...

CVE-2024-10026 Improved Seeding and Hashing In gVisor

A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances...

CVE-2024-10026

The CVE-2024-10026 issue concerns Google's gVisor: a weak hashing algorithm and small seed/secret sizes. The connected documents confirm this affects gVisor in multiple advisories (e.g., TencentOS Server 4, OSV/Ubuntu entries) and describe that a remote attacker could calculate a local IP address...

Synology BeePhotos 操作系统命令注入漏洞

Synology BeePhotos is a photo backup program from China-based Synology Inc. The operating system command injection vulnerability exists in Synology BeePhotos versions prior to 1.0.2-10026 and 1.1.0-10053, which stems from improper neutralization of a special element in the Task Manager component,...

CVE-2013-10026

creationtimestamp| type| source ---|---|--- 2023-05-02 07:29:54+00:00| seen| https://t.me/cibsecurity/63148...

CVE-2013-10026

The CVE targets the WordPress Mail Subscribe List Plugin versions up to 2.0.10. A cross-site scripting flaw arises from manipulating the index.php parameters sml_name and sml_email due to unknown processing, potentially enabling remote exploitation. Remediation: upgrade to version 2.1 (patch 4849...

SUSE CVE-2019-10026

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case...

CVE-2020-10026

...

CVE-2020-10026

CVE-2020-10026 entry is rejected/not used and does not represent an active vulnerability.

CVE-2019-10026

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case...