MiracleLinux 9 : osbuild-composer-132-1.el9.ML.1, osbuild-141-1.el9.ML.1 (AXSA:2025-10326:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10326:01 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 go/build/constraint: golang: Calling Parse on a //...

CVE-2025-10326

creationtimestamp| type| source ---|---|--- 2025-09-12 23:22:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyofqzhpsh2c...

CVE-2019-10326

A cross-site request forgery vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attackers to reset warning counts for future builds...

CVE-2024-10326

creationtimestamp| type| source ---|---|--- 2025-03-08 12:36:27+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6946 2025-03-08 15:11:18+00:00| seen| https://t.me/cvedetector/19900 2025-03-08 16:29:02+00:00| seen| Telegram/oTNeDddZVNsSAQ9hTaWQhQvIDwL96hCOavxqk1ZBE4YVh7Dc...

CVE-2024-10326 RomethemeKit For Elementor <= 1.5.3 - Missing Authorization in save_options and reset_widgets

The RomethemeKit For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveoptions and resetwidgets functions in all versions up to, and including, 1.5.3. This makes it possible for authenticated attackers, with...

CVE-2024-10326 RomethemeKit For Elementor <= 1.5.3 - Missing Authorization in save_options and reset_widgets

The RomethemeKit For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveoptions and resetwidgets functions in all versions up to, and including, 1.5.3. This makes it possible for authenticated attackers, with...

CVE-2024-10326

CVE-2024-10326 – RomethemeKit for Elementor (WordPress) : The vulnerability is caused by a missing capability check in the save_options and reset_widgets functions, affecting all versions up to 1.5.3. This allows authenticated attackers with Subscriber-level access and above to modify plugin sett...

Mageia: Security Advisory (MGASA-2017-0170)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-10326

A cross-site request forgery vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attackers to reset warning counts for future builds...

CVE-2019-10326

A cross-site request forgery vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attackers to reset warning counts for future builds...

CVE-2019-10326

The CVE-2019-10326 issue affects Jenkins Warnings NG Plugin ≤ 5.0.0. A cross-site request forgery (CSRF) vulnerability allows attackers to reset warning counts for future builds. Root cause: CSRF in the plugin’s handling of build-warnings state. Impact is limited to unauthorized state change of b...

CVE-2019-10326

A cross-site request forgery vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attackers to reset warning counts for future builds...

CVE-2018-10326

PrinterOn Enterprise 4.1.3 is affected by multiple authenticated stored XSS vulnerabilities: (1) department field in printer configuration, (2) description field in the print server configuration, and (3) username field for authentication to print as guest. No remediation or exploit details are p...

Debian: Security Advisory (DLA-898-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-10326

CVE-2017-10326 affects Oracle E-Business Suite’s Common Applications Calendar (CAC) component. A vulnerability in CAC impacts versions 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7, allowing an unauthenticated attacker with network access via HTTP to compromise CAC. The exploi...

SUSE SLED12 Security Update : libosip2 (SUSE-SU-2017:1187-1)

This update for libosip2 fixes several issues. These security issues were fixed : - CVE-2017-7853: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the msgosipbodyparse function defined in osipparser2/osipmessageparse.c, resulting in a remote DoS bsc1034570. -...

openSUSE Security Update : libosip2 (openSUSE-2017-526)

This update for libosip2 fixes the following issues : Changes in libosip2 : - CVE-2017-7853: In libosip2 in GNU 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msgosipbodyparse function defined in osipparser2/osipmessageparse.c, resulting in a remote DoS. boo1034570 -...

openSUSE: Security Advisory for libosip2 (openSUSE-SU-2017:1127-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10326. Reason: This candidate is a reservation duplicate of CVE-2016-10326. Notes: All CVE users should reference CVE-2016-10326 instead of this candidate. All references and descriptions in this candidate have been removed t...

CVE-2016-10326

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osipbodytostr function defined in osipparser2/osipbody.c, resulting in a remote DoS...