136 matches found
MiracleLinux 8 : pcs-0.10.14-5.el8.ML.1 (AXSA:2022-4465:08)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4465:08 advisory. pcs: improper authentication via PAM CVE-2022-1049 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. No...
CVE-2026-1049
creationtimestamp| type| source ---|---|--- 2026-01-17 20:07:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcng36abjq2w...
CVE-2026-1049
A security vulnerability has been detected in LigeroSmart up to 6.1.26. The affected element is an unknown function of the file /otrs/index.pl. Such manipulation of the argument TicketID leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed...
MiracleLinux 7 : systemd-219-42.el7.7 (AXSA:2018-2569:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2569:02 advisory. A race condition was found in systemd. This could result in automount requests not being serviced and processes using them could hang, causing denial of...
CVE-2004-1049
creationtimestamp| type| source ---|---|--- 2025-09-09 21:02:21+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lygmjeutee2l...
Amazon Linux 2023 : exiv2, exiv2-devel, exiv2-libs (ALAS2023-2025-1049)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1049 advisory. Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Versio...
CVE-2023-1049
A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists that could cause execution of malicious code when an unsuspicious user loads a project file from the local filesystem into the HMI...
CVE-2021-1049
Hacker one bug ID: 1343975Product: AndroidVersions: Android SoCAndroid ID: A-204256722...
CVE-2020-1049
A cross site scripting vulnerability exists when Microsoft Dynamics 365 on-premises does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 On-Premise Cross Site Scripting Vulnerability'. This CVE ID is unique from CVE-2020-1050...
Sonos Speakers S1 App < 11.15.1, S2 App < 16.6 Multiple RCE Vulnerabilities (SSA-2024-0002)
Sonos speakers are prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX =...
CVE-2025-1049
Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1049
CVE-2025-1049 affects Sonos Era 300 speakers. A heap-based buffer overflow in ID3 data processing allows network-adjacent attackers (no authentication) to execute code in the context of the anacapa user. Root cause: insufficient validation of user-supplied data length before heap copy. Public det...
CVE-2025-1049
creationtimestamp| type| source ---|---|--- 2025-04-09 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-224/ 2025-04-23 18:48:06+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114388768229553757 2025-04-23 20:14:32+00:00| seen|...
CVE-2024-1049
creationtimestamp| type| source ---|---|--- 2025-02-13 17:10:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4274...
WordPress CoBlocks Plugin <= 3.1.6 is vulnerable to Cross Site Scripting (XSS)
Software CoBlocks Type Plugin Vulnerable versions = 3.1.6 Fixed in 3.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1049 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c31aa15ef7d9 Credits Webbernaut Required privilege...
CVE-2024-1049
The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Icon Widget's in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping on the link value. This makes it possible for...
CVE-2024-1049 Page Builder Gutenberg Blocks – CoBlocks <= 3.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Icon Widget's in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping on the link value. This makes it possible for...
CVE-2024-1049
CVE-2024-1049 affects the WordPress plugin Page Builder Gutenberg Blocks – CoBlocks . It is vulnerable to Stored Cross-Site Scripting via the plugin’s Icon Widget, in all versions up to 3.1.6, due to insufficient input sanitization and output escaping on the link value. The vulnerability requires...
CVE-2024-1420
Rejected reason: REJECT This is a duplicate of CVE-2024-1049. Please use CVE-2024-1049 instead...
Open redirect
Rejected reason: REJECT This is a duplicate of CVE-2024-1049. Please use CVE-2024-1049 instead...