39 matches found
1cijferho (=0.1.0), 203-python-project-rc (>=0.2.0 <=0.2.2) +3215 more potentially affected by CVE-2026-10804 via streamlit (>=0.49.0 <=1.9.2)
streamlit PYPI version =0.49.0, =0.2.0, =0.1.0, =0.1.0, =0.7.1, =0.1.6, =0.1.0, =0.0.1, =1.1.0, =2.0.0, =0.0.0, =0.0.15 and more Source cves: CVE-2026-10804 Source advisory: SNYK:PYTHON-STREAMLIT-17176399...
PYSEC-0000-CVE-2026-10804
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...
CVE-2026-10804 Streamlit Palette hashing.py weak hash
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...
CVE-2026-10804
CVE-2026-10804 affects Streamlit up to 1.53.0, targeting an unknown function in the Palette Handler’s hashing.py (lib/streamlit/runtime/caching/hashing.py). The issue allows use of a weak hash due to the described manipulation, with local access required and a high attack complexity. The exploita...
CVE-2025-10804 Campcodes Online Beauty Parlor Management System add-customer.php sql injection
A vulnerability was found in Campcodes Online Beauty Parlor Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/add-customer.php. Performing manipulation of the argument mobilenum results in sql injection. The attack can be initiated remotely. The exploi...
CVE-2025-10804
CVE-2025-10804 impacts Campcodes Online Beauty Parlor Management System 1.0, specifically the file /admin/add-customer.php. The vulnerability arises from manipulation of the mobilenum parameter, leading to a SQL injection. It is exploitable remotely and the exploit is public. Various sources rate...
CVE-2019-10804
serial-number through 1.3.0 allows execution of arbitrary commands. The "cmdPrefix" argument in serialNumber function is used by the "exec" function without any validation...
CVE-2024-10804
The Ultimate Video Player WordPress & WooCommerce Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 10.0 via the content/downloader.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the...
CVE-2024-10804
The Ultimate Video Player WordPress & WooCommerce Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 10.0 via the content/downloader.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the...
CVE-2024-10804
creationtimestamp | type | source
---|---|---
2025-03-07 08:35:04+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/6817
2025-03-08 04:34:56+00:00 | seen | Telegram/vIKFwTGY3sbfywu7KH3zgXq94bykvhw1AKV3z25wU-LQg0...
CVE-2024-10804
CVE-2024-10804 describes a directory traversal vulnerability in the Ultimate Video Player WordPress & WooCommerce Plugin (≤ v10.0) that permits unauthenticated attackers to read arbitrary server files via content/downloader.php. The associated metrics show a CVSS v3.1 base score of 7.5 (High) wit...
CVE-2024-10804 Ultimate Video Player <= 10.0 - Unauthenticated Arbitrary File Download
The Ultimate Video Player WordPress & WooCommerce Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 10.0 via the content/downloader.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the...
Linux Distros Unpatched Vulnerability : CVE-2018-10804
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c. CVE-2018-10804 Note that Nessus relies on the presence of the package as...
Important: ImageMagick
Issue Overview: Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service segmentation fault or possibly execute arbitrary code via vectors involving the offset variable. CVE-2016-5841 ImageMagick 7.0.7-12 Q16, a CPU exhaustion...
Mageia: Security Advisory (MGASA-2020-0150)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
@concepto/eb (>=1.1.7 <=1.1.95), @concepto/nuxt (=1.9.427) +11 more potentially affected by CVE-2019-10804 via serial-number (>=0.3.0 <=1.3.0)
serial-number NPM version =0.3.0, =1.1.7, =0.0.1, =1.9.35, =1.1.0, =1.1.1, =0.2.1, =0.1.4, =0.1.1, =0.1.24, =2.5.0, =3.1.1 Source cves: CVE-2019-10804 Source advisory: OSV:GHSA-3FW4-4H3M-892H...
USN-4639-1: phpMyAdmin vulnerabilities
It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use this vulnerability to cause phpmyAdmin to leak sensitive files. CVE-2018-19968 It was discovered that phpMyAdmin incorrectly handled user input. An...
openSUSE Security Update : phpMyAdmin (openSUSE-2020-1806)
This update for phpMyAdmin fixes the following issues : phpMyAdmin was updated to 4.9.7 boo1177842 : - Fix two factor authentication that was broken in 4.9.6 - Fix incompatibilities with older PHP versions Update to 4.9.6 : - Fixed XSS relating to the transformation feature boo1177561...
openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2020:1806-1)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2020-1806)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...