23 matches found

Tenable Nessus
added 2026/05/04 12:0 a.m. | 6 views

RHCOS 9 : OpenShift Container Platform 4.15.39 (RHSA-2024:10145)

The remote Red Hat Enterprise Linux CoreOS 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:10145 advisory. - waitress: python-waitress: request processing race condition in HTTP pipelining with invalid first request CVE-2024-49768 -...

CVSS 9.1 | AI score 5.8 | EPSS 0.01524
Exploits: 0 | References: 6

Circl
added 2025/12/31 10:2 p.m. | 2 views

CVE-2015-10145

creationtimestamp | type | source
---|---|---
2025-12-31 22:02:43+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mbculed44m2c
2026-01-01 21:02:55+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3mbfbpehsoz22
2026-02-10 00:00:00+00:00 | seen | The Shadowserver...

CVSS 8.8 | AI score 5.1 | EPSS 0.00111
Exploits: 1 | References: 4

Circl
added 2025/10/28 6:46 a.m. | 3 views

CVE-2025-10145

creationtimestamp | type | source
---|---|---
2025-10-28 06:46:29+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m4adk45uoj2s
2025-10-28 09:48:20+00:00 | seen | https://gist.github.com/Darkcrai86/99ae948f80b38a2432d9111e9003341e...

AI score 5.7 | EPSS 0.00042
Exploits: 0 | References: 2

NVD
added 2025/05/15 8:15 p.m. | 6 views

CVE-2024-10145

The Hubbub Lite WordPress plugin before 1.34.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

CVSS 4.8 | EPSS 0.00166
Exploits: 1 | References: 1

Cvelist
added 2025/05/15 8:6 p.m. | 15 views

CVE-2024-10145 Hubbub Lite < 1.34.4 - Admin+ Stored XSS

The Hubbub Lite WordPress plugin before 1.34.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

EPSS 0.00166
Exploits: 1 | References: 1

CVE
added 2025/05/15 8:6 p.m. | 27 views

CVE-2024-10145

Summary: Hubbub Lite WordPress plugin before 1.34.4 is vulnerable to Stored XSS via unsanitized/uncleaned settings. Affected: Hubbub Lite WP plugin

CVSS 4.8 | AI score 5.7 | EPSS 0.00166
Exploits: 1 | References: 1 | Affected Software: 1

Tenable Nessus
added 2025/03/04 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2016-10145

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy. CVE-2016-10145 Note tha...

CVSS 9.8 | AI score 6.5 | EPSS 0.00897
Exploits: 0 | References: 2

CVE
added 2021/05/27 8:55 p.m. | 61 views

CVE-2020-10145

CVE-2020-10145 affects the Adobe ColdFusion installer on Windows, which fails to set a secure ACL on the default installation directory (e.g., C:\ColdFusion2021). This allows unprivileged users to place files in the ColdFusion install path, enabling privilege escalation. Exploitation details are ...

CVSS 7.8 | AI score 7.4 | EPSS 0.0007
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/05/27 8:55 p.m. | 17 views

CVE-2020-10145

The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default installation directory, such as C:\ColdFusion2021. By default, unprivileged users can create files in this directory structure, which creates a privilege-escalation vulnerability...

CVSS 7.8 | AI score 7.5 | EPSS 0.0007
Exploits: 0 | References: 1

Tenable Nessus
added 2019/11/12 12:0 a.m. | 35 views

EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-2160)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Phot...

CVSS 9.8 | AI score 7 | EPSS 0.87527
Exploits: 5 | References: 18

OSV
added 2019/06/03 7:29 p.m. | 20 views

CVE-2019-10145

rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. Processes run with `rkt enter` do not have seccomp filtering during stage 2 (the actual environment in which the applications run). Compromised containers could exploit this flaw to access host resources...

CVSS 7.7 | AI score 6.7 | EPSS 0.00118
Exploits: 1 | References: 2

CVE
added 2019/06/03 6:20 p.m. | 90 views

CVE-2019-10145

CVE-2019-10145 affects rkt up to version 1.30.0. The issue: containers started with rkt enter do not isolate processes and lack seccomp filtering during stage 2, allowing a compromised container to access host resources. Documents consistently describe the vulnerability without providing explicit...

CVSS 7.7 | AI score 7.4 | EPSS 0.00118
Exploits: 1 | References: 2 | Affected Software: 1

Tenable Nessus
added 2019/02/07 12:0 a.m. | 41 views

Photon OS 1.0: Openjre PHSA-2017-0026

An update of the openjre package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0026. The text itself is copyright (C) VMware, Inc. include'compat.inc'; if description scriptid121719;...

CVSS 9.8 | AI score 7.8 | EPSS 0.13624
Exploits: 1 | References: 30

CVE
added 2018/12/06 2:0 p.m. | 23 views

CVE-2018-10145

CVE-2018-10145 is rejected/not used and does not represent an active vulnerability entry.

AI score 7.3
Exploits: 0

OSV
added 2017/08/08 3:29 p.m. | 2 views

CVE-2017-10145

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVSS 7.4 | AI score 7.2 | EPSS 0.00414
Exploits: 0 | References: 4

CVE
added 2017/08/08 3:0 p.m. | 70 views

CVE-2017-10145

CVE-2017-10145 affects Oracle Java SE’s Java Advanced Management Console (server subcomponent) with affected version 2.6. The vulnerability can be exploited by a low-privilege, network-accessing attacker via multiple protocols to achieve unauthorized update/insert/delete of data, unauthorized rea...

CVSS 7.4 | AI score 6.8 | EPSS 0.00414
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2017/08/08 3:0 p.m. | 20 views

CVE-2017-10145

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

AI score 7 | EPSS 0.00414
Exploits: 0 | References: 4

Tenable Nessus
added 2017/07/20 12:0 a.m. | 80 views

Oracle Java SE Multiple Vulnerabilities (July 2017 CPU)

The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 141, 7 Update 151, or 6 Update 161. It is, therefore, affected by multiple vulnerabilities: - An unspecified flaw exists in the 2D component that allows an unauthenticated, remote...

CVSS 9.6 | AI score 6.7 | EPSS 0.02386
Exploits: 0 | References: 36

OSV
added 2017/03/24 3:59 p.m. | 2 views

DEBIAN-CVE-2016-10145

Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy...

CVSS 9.8 | AI score 7.2 | EPSS 0.00897
Exploits: 0 | References: 1

Cvelist
added 2017/03/24 3:0 p.m. | 23 views

CVE-2016-10145

Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy...

AI score 8.5 | EPSS 0.00897
Exploits: 0 | References: 7