195 matches found
CVE-2026-1068
An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to obtain sensitive user data from the application...
MiracleLinux 8 : oniguruma-6.8.2-2.el8 (AXSA:2020-1068:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-1068:01 advisory. oniguruma: NULL pointer dereference in matchat in regexec.c CVE-2019-13225 Tenable has extracted the preceding description block directly from the MiracleLin...
Linux Distros Unpatched Vulnerability : CVE-2015-1068
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of...
Friday Squid Blogging: NGC 1068 Is the “Squid Galaxy”
I hadn't known that the NGC 1068 galaxy is nicknamed the "Squid Galaxy." It is, and it's spewing neutrinos without the usual accompanying gamma rays. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered...
CVE-2020-1068
An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from...
CVE-2011-1068
Microsoft Windows Azure Software Development Kit SDK 1.3.x before 1.3.20121.1237, when Full IIS and a Web Role are used with an ASP.NET application, does not properly support the use of cookies for maintaining state, which allows remote attackers to obtain potentially sensitive information by...
CVE-2019-1068
A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'...
CVE-2025-1068
There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS AllSource, th...
CVE-2025-1068
creationtimestamp| type| source
---|---|---
2025-02-25 17:15:09+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114065651086000181
2025-02-25 17:23:24+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5337
2025-02-25 19:03:22+00:00| seen| https://t.me/cvedetector/18888
2025-02-25...
CVE-2025-1068 There is a code injection vulnerability in Esri ArcGIS AllSource
There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS AllSource, th...
CVE-2025-1068
CVE-2025-1068 affects Esri ArcGIS AllSource 1.2 and 1.3 (untrusted search path). A low-privilege attacker with write access to the local file system can plant a malicious executable that executes under the victim’s context when a specific ArcGIS AllSource action is performed. The issue is address...
CVE-2025-1068 There is a code injection vulnerability in Esri ArcGIS AllSource
There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS AllSource, th...
AlmaLinux 8 : kernel (ALSA-2025:1068)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:1068 advisory. kernel: scsi: core: Fix unremoved procfs host directory regression CVE-2024-26935 kernel: arm64/sve: Discard stale CPU state when handling SVE traps...
WordPress 404 Solution Plugin < 2.35.8 is vulnerable to SQL Injection
Software: 404 Solution; Type: Plugin; Vulnerable versions: 2.35.8; Fixed in: 2.35.8; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2024-1068; Patch priority: Low; CVSS severity: Low 7.6; PSID: a596100a0999; Credits: Sumit Patel; Required privilege: Administrator; Publishe...
CVE-2024-1068 404 Solution < 2.35.8 - Admin+ SQL Injection
The 404 Solution WordPress plugin before 2.35.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins...
CVE-2024-1068
CVE-2024-1068 affects the WordPress plugin 404 Solution prior to version 2.35.8. The issue is an improper sanitisation/escaping of a parameter used in a SQL statement, enabling a SQL injection. The exploit is described as usable by high-privilege users (e.g., admins) and is supported by multipl...
CVE-2024-1068 404 Solution < 2.35.8 - Admin+ SQL Injection
The 404 Solution WordPress plugin before 2.35.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins...
Oracle Linux 7 : squid (ELSA-2020-1068)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1068 advisory. - Resolves: 1729435 - CVE-2019-13345 squid: XSS via username or auth parameter in cachemgr.cgi - Resolves: 1582301 - CVE-2018-1000024 CVE-2018-1000027...
Unable to start the Net.Tcp Port Sharing service on the Storefront server
The Net.Tcp Port Sharing service is currently unable to start, and as a result, several Citrix services such as Citrix Subscription Store, Citrix Peer Resolution service, and Citrix Credential Wallet service are Stopped. Attempting to start the Net.Tcp Port Sharing service, an error message is...
Moderate: Red Hat Security Advisory: libjpeg-turbo security update
An update for libjpeg-turbo is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...