19 matches found
CVE-2020-10374
creationtimestamp | type | source
---|---|---
2026-06-25 06:37:08+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mp3swbwyyt2n...
CVE-2025-10374
creationtimestamp | type | source
---|---|---
2025-09-13 22:51:45+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lyquiozpg72m...
CVE-2024-10374
The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpmem_loginout shortcode in all versions up to, and including, 3.4.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
Linux Distros Unpatched Vulnerability : CVE-2016-10374
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perltidy through 20160302, as used by perlcritic, check-all-the-things, and other software, relies on the current working directory for certain output files and...
CVE-2024-10374
creationtimestamp | type | source
---|---|---
2024-10-25 14:34:37+00:00 | seen | https://t.me/cvedetector/8937...
CVE-2024-10374 WP-Members <= 3.4.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpmem_loginout Shortcode
The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpmem_loginout shortcode in all versions up to, and including, 3.4.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
WordPress WP-Members Plugin <= 3.4.9.5 is vulnerable to Cross Site Scripting (XSS)
Software: WP-Members; Type: Plugin; Vulnerable versions: <= 3.4.9.5; Fixed in: 3.4.9.6; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-10374; Patch priority: Low; CVSS severity: Low 6.5; PSID: b793b5e43f7e; Credits: Peter Thaleikis; Required...
RHEL 7 : perltidy (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - perltidy: Uses current working directory without symlink-attack protection CVE-2016-10374 Note that Nessus has not...
RHEL 6 : perltidy (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perltidy: insecure temporary file creation CVE-2014-2277 - perltidy through 20160302, as used by...
CVE-2020-10374
CVE-2020-10374 affects Paessler PRTG Network Monitor (webserver component) from version 19.2.50 up to 20.1.56, enabling unauthenticated remote command execution via a crafted POST request or via the what parameter of the Contact Support form’s screenshot function. This is a remote, network-ac...
CVE-2019-10374
A stored cross-site scripting vulnerability in Jenkins PegDown Formatter Plugin 1.3 and earlier allows attackers able to edit descriptions and other fields rendered using the configured markup formatter to insert links with the javascript scheme into the Jenkins UI...
CVE-2019-10374
The CVE-2019-10374 issue affects Jenkins PegDown Formatter Plugin (versions 1.3 and earlier). A stored cross-site scripting vulnerability arises because users able to edit descriptions or other fields rendered by the configured markup formatter can inject links using the javascript: scheme into t...
CVE-2014-10374
creationtimestamp | type | source
---|---|---
2019-07-15 16:27:12+00:00 | seen | https://t.me/cibsecurity/5517...
CVE-2014-10374
CVE-2014-10374 concerns Fitbit activity-tracker devices where BLE advertising uses a TxAdd flag for random addresses, but the addresses remain constant. This leads to “permanent trackability” and privacy concerns when a device is sniffed at multiple fixed locations, enabling an adversary to tell ...
Updated perltidy packages fix security vulnerability
perltidy relies on the current working directory for certain output files and does not have a symlink-attack protection mechanism, which allows local users to overwrite arbitrary files by creating a symlink CVE-2016-10374...
Fedora 26 : perltidy (2017-c76259ddea)
Cumulative bug-fix, enhancement and security update, including fix for CVE-2016-10374: perltidy relies on the current working directory for certain output files and did not have a symlink-attack protection mechanism, which allowed local users to overwrite arbitrary files by creating a symlink, as...
Fedora 24 : perltidy (2017-1f11501a9f)
Cumulative bug-fix, enhancement and security update, including fix for CVE-2016-10374: perltidy relies on the current working directory for certain output files and did not have a symlink-attack protection mechanism, which allowed local users to overwrite arbitrary files by creating a symlink, as...
Fedora 25 : perltidy (2017-a3c7d077c7)
Cumulative bug-fix, enhancement and security update, including fix for CVE-2016-10374: perltidy relies on the current working directory for certain output files and did not have a symlink-attack protection mechanism, which allowed local users to overwrite arbitrary files by creating a symlink, as...
CVE-2016-10374
perltidy through 20160302, as used by perlcritic, check-all-the-things, and other software, relies on the current working directory for certain output files and does not have a symlink-attack protection mechanism, which allows local users to overwrite arbitrary files by creating a symlink, as...