104 matches found
openSUSE Security Advisory (SUSE-SU-2026:1037-1)
The remote host is missing an update for the...
CVE-2025-1037
creationtimestamp | type | source
---|---|---
2025-10-28 15:44:55+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m4bbmuypwk2d
2025-10-30 11:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-25-303-02...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-1037)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1037 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: check folio mapping after unlock in relocate_one_folio (CVE-2024-56758). In the Linux kernel, the following vulnerability...
CVE-2021-1037
The broadcast that DevicePickerFragment sends when a new device is paired doesn't have any permission checks, so any app can register to listen for it. This lets apps keep track of what devices are paired without requesting BLUETOOTH permissions. Product: Android. Versions: Android-10 Android-11...
CVE-2020-1037
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'...
CVE-2019-1037
An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'...
CVE-2010-1037
Cross-site request forgery (CSRF) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2024-1037
The CVE-2024-1037 entry concerns All-In-One Security (AIOS) for WordPress, affecting versions up to 5.2.5. The vulnerability is a Reflected Cross-Site Scripting via the tab parameter caused by insufficient input sanitization and output escaping, enabling unauthenticated attackers to inject web sc...
Oracle Linux 5 : Important: / openldap (ELSA-2007-1037)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2007-1037 advisory. 2.3.27-8.1 - fix security issue CVE-2007-5707 360001 - fix manual bind timeout 368231...
Oracle Linux 7 : advancecomp (ELSA-2020-1037)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-1037 advisory. - Resolves: 1711051, CVE-2019-8383 denial of service - Resolves: 1710910, CVE-2019-8379 null pointer dereference Tenable has extracted the preceding description...
Missing Linux Kernel mitigations for 'RETbleed' hardware vulnerabilities (INTEL-SA-00702, AMD-SB-1037)
The remote host is missing one or more known mitigations on Linux Kernel side for the referenced...
CVE-2023-1037
CVE-2023-1037 affects SourceCodester Dental Clinic Appointment Reservation System 1.0. The vulnerability is a SQL injection in the POST parameter handler for the file /APR/login.php where the username argument is manipulated. Exploitation can occur remotely and public exploitation has been disclo...
CVE-2022-1037
The EXMAGE WordPress plugin before 1.0.7 does not ensure that images added via URLs are external images, which could lead to a blind SSRF issue by using local URLs...
CVE-2022-1037
CVE-2022-1037 affects the WordPress EXMAGE plugin prior to 1.0.7. The issue arises because images added via URLs are not consistently treated as external, enabling a blind SSRF through local URLs. Documented impact is a blind SSRF condition; no exploit details are provided beyond this description...
CVE-2022-1037 EXMAGE < 1.0.7 - Admin+ Blind SSRF
The EXMAGE WordPress plugin before 1.0.7 does not ensure that images added via URLs are external images, which could lead to a blind SSRF issue by using local URLs...
CVE-2021-1037
The CVE-2021-1037 issue concerns a broadcast from the DevicePickerFragment when a new device is paired that lacks permission checks. Affected software: Android 9–12. Vulnerable component/behavior: the DevicePickerFragment broadcast is listenable by any app without BLUETOOTH permissions, enabling ...
lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through
Impact: The HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5. Patches: The issue has been resolved in lxml 4.6.5...
SUSE: Security Advisory (SUSE-SU-2014:1037-1)
The remote host is missing an update for the...
CVE-2020-1037
creationtimestamp | type | source
---|---|---
2020-05-22 02:55:17+00:00 | seen | https://t.me/cibsecurity/12228...
CVE-2020-1037
CVE-2020-1037 is a ChakraCore/Edge remote code execution vulnerability. The Chakra scripting engine mishandles in-memory objects, enabling an attacker to execute arbitrary code in the context of the user. Public sources (GHSA-8XV4-C7RQ-J577, NVD entry) describe it as a ChakraCore/Edge RCE without...