CVE-2026-1074

creationtimestamp| type| source ---|---|--- 2026-03-07 09:00:31+00:00| seen| https://infosec.exchange/users/offseq/statuses/116187072429443864 2026-03-07 09:00:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mghhnhxrsx2c 2026-03-07 09:29:42+00:00| seen|...

CVE-2023-1074 vulnerabilities

Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-vmware...

CVE-2025-1074

A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected is the function logout of the file /en/?mylogout of the component URL Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been...

EUVD-2026-1074

The FS Registration Password plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.1. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticate...

CVE-2025-14417

creationtimestamp| type| source ---|---|--- 2025-12-11 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1074/...

EUVD-2016-1074

Malware in sbrugna...

CVE-2019-1074

An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this...

Siemens SCALANCE W700 Missing Release of Memory after Effective Lifetime (CVE-2023-1074)

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service. This plugin only...

CVE-2023-1074

creationtimestamp| type| source ---|---|--- 2025-02-13 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-09...

CVE-2025-1074

A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected is the function logout of the file /en/?mylogout of the component URL Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-1074

A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected is the function logout of the file /en/?mylogout of the component URL Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-1074

Webkul QloApps 1.6.1 is affected by a cross-site request forgery in the URL Handler logout function at /en/?mylogout. The vulnerability stems from the logout endpoint logic, enabling remote CSRF exploitation. Public exploit/disclosures exist and the vendor has been informed and is working on a fi...

CVE-2025-1074 Webkul QloApps URL mylogout cross-site request forgery

A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected is the function logout of the file /en/?mylogout of the component URL Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-1074 Webkul QloApps URL mylogout cross-site request forgery

A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected is the function logout of the file /en/?mylogout of the component URL Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been...

RHEL 7 : ovirt-engine (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ovirt-engine: webadmin log out must logout all sessions CVE-2016-6338 - ovirt-engine: API exposes power...

CVE-2024-1074

The CVE-2024-1074 entry concerns Beaver Builder – WordPress Page Builder. It describes a Stored Cross-Site Scripting (XSS) vulnerability in the audio widget’s link_url parameter, affecting all versions up to and including 2.7.4.2. Exploitation requires authentication with contributor access or hi...

RHSA-2024:1074

creationtimestamp| type| source ---|---|--- 2024-03-05 02:17:30+00:00| seen| https://t.me/ctinow/199822...

RHEL 8 : 389-ds:1.4 (RHSA-2024:1074)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1074 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...