Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2026-1008)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-1008

The Recently Purchased Products For Woo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘view’ parameter in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

EUVD-2026-1008

A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a manipulation of the argument Time can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could ...

CVE-2025-43380

creationtimestamp| type| source ---|---|--- 2025-11-13 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1008/...

Linux Distros Unpatched Vulnerability : CVE-2013-1008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and...

CVE-2021-1008

In addSubInfo of SubscriptionController.java, there is a possible way to force the user to make a factory reset due to a logic error in the code. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2020-1008

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-099...

CVE-2019-1008

A security feature bypass vulnerability exists in Dynamics On Premise, aka 'Microsoft Dynamics On-Premise Security Feature Bypass'...

CVE-2010-1008

Cross-site scripting XSS vulnerability in the Sellector.com Widget Integration chsellector extension before 0.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2025-1008 Recently Purchased Products For Woo <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via view Parameter

The Recently Purchased Products For Woo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘view’ parameter in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

Splunk Enterprise 9.1.0 < 9.1.6, 9.2.0 < 9.2.3, 9.3.0 < 9.3.1 (SVD-2024-1008)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-1008 advisory. - In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to th...

Backdoor.Win32.AutoSpy.10 MVID-2024-0671 Remote Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/b012704cad2bae6edbd23135394b9127.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.AutoSpy.10 Vulnerability: Unauthenticated Remote Command Execution...

CVE-2024-1008

creationtimestamp| type| source ---|---|--- 2024-01-29 17:31:56+00:00| seen| https://t.me/ctinow/175410 2024-02-01 08:16:24+00:00| seen| https://t.me/ctinow/177357 2024-02-21 11:11:40+00:00| seen| https://t.me/ctinow/189457...

CVE-2024-1008

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Profile Page. The manipulation leads to unrestricted upload. The attack can be...

CVE-2024-1008

CVE-2024-1008 affects SourceCodester Employee Management System 1.0 (Profile Page, edit-photo.php). The vulnerability is described as an unrestricted upload flaw in that PHP file, allowing remote exploitation. Exploit has been publicly disclosed per the record, indicating potential active abuse. ...

MAL-2024-268 Malicious code in wlwz-2312-1008 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3829839ed73aec93a918270806bb90b30324746c3d18583e452b475e7b520db4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wlwz-2312-1008 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3829839ed73aec93a918270806bb90b30324746c3d18583e452b475e7b520db4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AlmaLinux 9 : kpatch-patch (ALSA-2023:1008)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:1008 advisory. - A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2capreassemblesdu of the file...

CVE-2023-1008

creationtimestamp| type| source ---|---|--- 2023-02-24 14:49:17+00:00| seen| https://t.me/cibsecurity/58864...

CVE-2023-1008

Twister Antivirus 8.17 is affected by a denial-of-service issue in the IoControlCode Handler of the filmfd.sys library, triggered by manipulating function 0x801120E4. The vulnerability requires local access (local attack) and is associated with the Twister Antivirus component; multiple sources (P...