CVE-2026-10247

creationtimestamp| type| source ---|---|--- 2026-06-01 13:10:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mna5putgkc2w...

CVE-2020-10247

MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sightingfield.ctp...

CVE-2025-10247

creationtimestamp| type| source ---|---|--- 2025-09-11 06:46:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyk5mhi5bk2t...

Linux Distros Unpatched Vulnerability : CVE-2019-10247

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will...

CVE-2024-10247

The Video Gallery – Best WordPress YouTube Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the orderby parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

CVE-2024-10247

creationtimestamp| type| source ---|---|--- 2024-12-06 03:41:01+00:00| seen| https://infosec.exchange/users/cve/statuses/113603802589938190 2024-12-06 06:25:05+00:00| seen| https://t.me/cvedetector/12167...

CVE-2024-10247 YouTube Gallery and Vimeo Gallery Plugin <= 2.4.2 - Authenticated (Administrator+) SQL Injection

The Video Gallery – Best WordPress YouTube Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the orderby parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

CVE-2024-10247

CVE-2024-10247 affects the WordPress plugin Video Gallery – YouTube Gallery and Vimeo Gallery up to version 2.4.2. The issue is a time-based SQL Injection caused by insufficient escaping of the user-supplied parameter in the orderby clause, allowing an authenticated attacker with Administrator-le...

CVE-2024-10247 YouTube Gallery and Vimeo Gallery Plugin <= 2.4.2 - Authenticated (Administrator+) SQL Injection

The Video Gallery – Best WordPress YouTube Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the orderby parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

Security Bulletin: Vulnerabilities in Eclipse Jetty and JUnit4 affect watsonx.data

Summary Eclipse Jetty could allow remote attacks to obtain sensitive information and JUnit4 could allow a local attacker to obtain sensitive information. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-10246 DESCRIPTION: Eclipse Jetty could allow a remote attacker to obtain...

CVE-2019-10247

creationtimestamp| type| source ---|---|--- 2024-01-09 13:11:27+00:00| seen| https://t.me/ctinow/164991 2024-01-09 19:47:10+00:00| seen| https://t.me/ctinow/165279 2024-01-15 12:37:18+00:00| seen| https://t.me/ctinow/168316...

SUSE CVE-2019-10247

In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches...

CVE-2018-10247

The connected IBM bulletins describe multiple Jetty/Jasper vulnerabilities that affect IBM Rational Synergy (7.2.1.x) and Rational Change (5.3.x) deployments using Jetty 8.1.3. Vulnerabilities include session hijacking and HTTP request smuggling, plus information disclosure and DoS across several...

Security Bulletin: Java Vulnerability Affects IBM Sterling Connect:Direct Browser User Interface (CVE-2019-10241, CVE-2019-10246 & CVE-2019-10247)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by IBM Sterling Connect:Direct Browser User Interface. These issues were disclosed as part of the IBM Java SDK updates in May 2018 and Jetty Server update in May 2019. Vulnerability Detai...

Security Bulletin: Multiple Java Vulnerabilities Affect IBM Connect:Direct Web Services

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by IBM Connect:Direct Web Services. These issues were disclosed as part of the IBM Java SDK updates in May 2019 Vulnerability Details CVE-ID: CVE-2019-10246 Description: Eclipse...

Debian: Security Advisory (DLA-2765-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect Apache Solr shipped with IBM Operations Analytics - Log Analysis

Summary There are vulnerabilities in various versions of Eclipse Jetty that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID: CVE-2019-10246 DESCRIPTION: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by...

Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.4.3 release and security update

Red Hat AMQ Broker 7.4.3 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.6 release and security update

Red Hat AMQ Broker 7.6 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

CVE-2020-10247

Vulnerability: CVE-2020-10247 affects MISP 2.4.122, where a Persistent XSS exists in the sighting popover tool (file app/View/Elements/Events/View/sighting_field.ctp). Impact: can store/trigger XSS in user-visible popovers. Root cause: persistent cross-site scripting in the sighting_field.ctp com...