CVE-2026-1070

creationtimestamp| type| source ---|---|--- 2026-01-24 10:10:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md5xys73ze2m...

MiracleLinux 7 : firefox-78.6.0-1.0.1.el7.AXS7 (AXSA:2020-1070:27)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-1070:27 advisory. chromium-browser: Uninitialized Use in V8 CVE-2020-16042 Mozilla: Heap buffer overflow in WebGL CVE-2020-26971 Mozilla: CSS Sanitizer performed...

CVE-2025-1070

CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render the device inoperable when a malicious file is downloaded...

CVE-2025-14498

creationtimestamp| type| source ---|---|--- 2025-12-10 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1070/...

Amazon Linux 2023 : sudo, sudo-devel, sudo-logsrvd (ALAS2023-2025-1070)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1070 advisory. Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines. CVE-2025-324...

CVE-2020-1070

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1048...

CVE-2011-1070

v86d before 0.1.10 do not verify if received netlink messages are sent by the kernel. This could allow unprivileged users to manipulate the video mode and potentially other consequences...

CVE-2019-1070

A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'...

CVE-2012-1070

Cross-site scripting XSS vulnerability in the Modern FAQ irfaq extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the "return url parameter."...

CVE-2023-1070

creationtimestamp| type| source ---|---|--- 2025-03-10 20:38:51+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7048...

CVE-2025-1070

CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render the device inoperable when a malicious file is downloaded...

CVE-2025-1070

creationtimestamp| type| source ---|---|--- 2025-02-13 05:59:58+00:00| seen| https://infosec.exchange/users/cve/statuses/113995048445770804 2025-02-13 06:16:09+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhzzzbc6sa2a 2025-02-13 06:49:00+00:00| seen|...

CVE-2025-1070

CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render the device inoperable when a malicious file is downloaded...

CVE-2025-1070

CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render the device inoperable when a malicious file is downloaded...

CVE-2025-1070

Schneider Electric ASCO 5310 and ASCO 5350 Remote Annunciators are affected by CVE-2025-1070 (CWE-434): Unrestricted Upload of File with Dangerous Type, which could render the device inoperable when a malicious file is downloaded. The issue is described across multiple sources (Red Hat, NVD, CNNV...

CentOS 7 : kernel-rt (RHSA-2020:1070)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1070 advisory. - In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size...

Important: Red Hat Security Advisory: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

CVE-2024-1070

creationtimestamp| type| source ---|---|--- 2024-03-04 06:42:06+00:00| seen| https://t.me/ctinow/199021...

CVE-2024-1070

CVE-2024-1070 concerns the SiteOrigin Widgets Bundle plugin for WordPress. It describes a Stored XSS via the features attribute in all versions up to 1.58.2 caused by insufficient input sanitization and output escaping. The vulnerability permits authenticated attackers with contributor+ privilege...

CVE-2011-1070

creationtimestamp| type| source ---|---|--- 2024-02-14 09:26:44+00:00| seen| https://t.me/ctinow/184490...