Lucene search

106 matches found

RedhatCVE
added 2026/01/19 2:19 a.m. | 3 views

CVE-2026-1063

A vulnerability has been found in bastillion-io Bastillion up to 4.0.1. This vulnerability affects unknown code of the file src/main/java/io/bastillion/manage/control/AuthKeysKtrl.java of the component Public Key Management System. Such manipulation leads to command injection. It is possible to...

CVSS 5.8 | AI score 6.8 | EPSS 0.00068
Exploits: 0 | References: 1

Circl
added 2026/01/17 11:43 p.m. | 2 views

CVE-2026-1063

creationtimestamp | type | source
---|---|---
2026-01-17 23:43:29+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mcns57i32h2h...

CVSS 5.8 | AI score 5.8 | EPSS 0.00068
Exploits: 0 | References: 1

Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

MiracleLinux 7 : policycoreutils-2.5-22.el7 (AXSA:2018-2922:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2922:01 advisory. policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp change the context of their target instead CVE-2018-1063 Tenable has extracted the...

CVSS 4.4 | AI score 5.6 | EPSS 0.00117
Exploits: 0 | References: 2

OpenVAS
added 2026/01/14 12:0 a.m. | 1 views

Huawei EulerOS: Security Advisory for brotli (EulerOS-SA-2026-1063)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.7 | EPSS 0.00036
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2007-1069

Malware in sbrugna...

CVSS 7.2 | AI score 6.4 | EPSS 0.00208
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2001-1063

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.01459
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-1063

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 7.3 | EPSS 0.00504
Exploits: 338 | References: 3

RedhatCVE
added 2025/05/23 9:40 a.m. | 18 views

CVE-2024-1063

Appwrite = v1.4.13 is affected by a Server-Side Request Forgery (SSRF) via the '/v1/avatars/favicon' endpoint due to an incomplete fix of CVE-2023-27159...

CVSS 7.5 | AI score 7.6 | EPSS 0.76972
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 10:11 p.m. | 4 views

CVE-2022-1063

The Thank Me Later WordPress plugin through 3.3.4 does not sanitise and escape the Message Subject field before outputting it in the Messages list, which could allow high privileges users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

CVSS 4.8 | AI score 6 | EPSS 0.00225
Exploits: 2 | References: 1

RedhatCVE
added 2025/05/22 3:8 p.m. | 6 views

CVE-2020-1063

A cross site scripting vulnerability exists when Microsoft Dynamics 365 on-premises does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 On-Premise Cross Site Scripting Vulnerability'...

CVSS 5.4 | AI score 5.7 | EPSS 0.01111
Exploits: 0 | References: 1

Tenable Nessus
added 2025/03/04 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2018-1063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an...

CVSS 4.4 | AI score 5.7 | EPSS 0.00117
Exploits: 0 | References: 3

Vulnrichment
added 2025/02/25 6:58 a.m. | 9 views

CVE-2025-1063 Classified Listing – Classified ads & Business Directory Plugin <= 4.0.4 - Unauthenticated Settings Exposure

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.0.4 via the rtcltaxonomysettingsexport function. This makes it possible for unauthenticated attackers to extract sensiti...

CVSS 5.3 | AI score 5.2 | EPSS 0.00169
Exploits: 0 | References: 2

Cvelist
added 2025/02/25 6:58 a.m. | 10 views

CVE-2025-1063 Classified Listing – Classified ads & Business Directory Plugin <= 4.0.4 - Unauthenticated Settings Exposure

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.0.4 via the rtcltaxonomysettingsexport function. This makes it possible for unauthenticated attackers to extract sensiti...

CVSS 5.3 | EPSS 0.00169
Exploits: 0 | References: 2

Tenable Nessus
added 2024/12/04 12:0 a.m. | 10 views

Cisco Unified IP Phone Use of Hard-coded Credentials (CVE-2007-1063)

The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.04SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device. This plugin only works with Tenable.ot. Please visit...

CVSS 10 | AI score 5.5 | EPSS 0.05137
Exploits: 0 | References: 15

Tenable Nessus
added 2024/03/06 12:0 a.m. | 39 views

Oracle Linux 8 : edk2 (ELSA-2024-1063)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1063 advisory. - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch RHEL-21840 RHEL-21842 - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Un.pat...

CVSS 8.8 | AI score 7.7 | EPSS 0.00334
Exploits: 1 | References: 3

Tenable Nessus
added 2024/03/04 12:0 a.m. | 30 views

CentOS 8 : edk2 (CESA-2024:1063)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:1063 advisory. - EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be...

CVSS 8.8 | AI score 8 | EPSS 0.00334
Exploits: 1 | References: 3

Circl
added 2024/01/30 11:21 a.m. | 3 views

CVE-2024-1063

creationtimestamp | type | source
---|---|---
2024-01-30 11:21:29+00:00 | seen | https://t.me/ctinow/175842
2024-02-22 06:37:06+00:00 | seen | https://t.me/ctinow/190463...

CVSS 7.5 | AI score 7.3 | EPSS 0.00078
Exploits: 0 | References: 2

NVD
added 2024/01/30 10:15 a.m. | 11 views

CVE-2024-1063

Appwrite = v1.4.13 is affected by a Server-Side Request Forgery (SSRF) via the '/v1/avatars/favicon' endpoint due to an incomplete fix of CVE-2023-27159...

CVSS 7.5 | AI score 6.3 | EPSS 0.00078
Exploits: 0 | References: 1

Vulnrichment
added 2024/01/30 9:20 a.m. | 6 views

CVE-2024-1063

Appwrite = v1.4.13 is affected by a Server-Side Request Forgery (SSRF) via the '/v1/avatars/favicon' endpoint due to an incomplete fix of CVE-2023-27159...

CVSS 5.3 | AI score 6.8 | EPSS 0.00078
Exploits: 0 | References: 1

Circl
added 2023/02/27 2:26 p.m. | 2 views

CVE-2023-1063

creationtimestamp | type | source
---|---|---
2023-02-27 14:26:50+00:00 | seen | https://t.me/cibsecurity/58929...

CVSS 8.8 | AI score 6.9 | EPSS 0.00339
Exploits: 1 | References: 1