
54 matches found

Circl
added 2 days ago, 5 views

CVE-2026-10871

creationtimestamp | type | source
---|---|---
2026-06-04 23:11:51+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mniqponzlm2h
2026-06-05 02:45:36+00:00 | seen | https://bsky.app/profile/postac001.bsky.social/post/3mnj4ndy4gf2f...

CVSS: 8.6, AI score: 7.1, EPSS: 0.00129
Exploits: 0, References: 2

Tenable Nessus
added 2026/01/19 12:0 a.m., 1 view

MiracleLinux 7 : evince-3.28.2-9.el7 / poppler-0.26.5-42.el7 (AXSA:2020-4565:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4565:01 advisory.
- poppler: integer overflow in Parser::makeStream in Parser.cc (CVE-2018-21009)
- poppler: heap-based buffer over-read in function...

CVSS: 8.8, AI score: 8.1, EPSS: 0.01451
Exploits: 2, References: 6

OSV
added 2025/09/26 9:4 a.m., 1 view

CVE-2025-10871 Missing Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions from 16.6 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1. Project Maintainers can exploit a vulnerability where they can assign custom roles to users with permissions exceeding their own, effectively granting themselves...

CVSS: 3.8, AI score: 6.5, EPSS: 0.0002
Exploits: 0, References: 4

Tenable Nessus
added 2025/09/26 12:0 a.m., 3 views

GitLab 16.6 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-10871)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows:
- Missing Authorization in GitLab (CVE-2025-10871)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

CVSS: 7.2, AI score: 5.5, EPSS: 0.0002
Exploits: 0, References: 3

Tenable Nessus
added 2025/03/04 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2018-10871

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog...

CVSS: 7.2, AI score: 6.7, EPSS: 0.00357
Exploits: 0, References: 3

RedhatCVE
added 2025/02/05 5:5 a.m., 4 views

CVE-2024-10871

The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'paramscaf-post-layout' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the...

CVSS: 9.8, AI score: 7.9, EPSS: 0.02383
Exploits: 0, References: 1

Patchstack
added 2024/11/26 12:0 a.m., 27 views

WordPress Category Ajax Filter Plugin <= 2.8.2 is vulnerable to Local File Inclusion

Software: Category Ajax Filter
Type: Plugin
Vulnerable versions: <= 2.8.2
Fixed in: 2.8.3
OWASP Top 10: A1: Injection
Classification: Local File Inclusion
CVE: CVE-2024-10871
Patch priority: High
CVSS severity: High (8.1)
PSID: 41b4026eef43
Credits: Le Ngoc Anh
Required privilege...

CVSS: 9.8, AI score: 6.8, EPSS: 0.02383
Exploits: 0, References: 3, Affected Software: 1

Circl
added 2024/11/09 7:51 a.m., 4 views

CVE-2024-10871

creationtimestamp | type | source
---|---|---
2024-11-09 07:51:17+00:00 | seen | https://infosec.exchange/users/cve/statuses/113451904328749808
2024-11-09 09:56:29+00:00 | seen | https://t.me/cvedetector/10282...

CVSS: 9.8, AI score: 8.7, EPSS: 0.02383
Exploits: 0, References: 2

Cvelist
added 2024/11/09 7:35 a.m., 15 views

CVE-2024-10871 Category Ajax Filter <= 2.8.2 - Unauthenticated Local File Inclusion

The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'paramscaf-post-layout' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the...

CVSS: 9.8, EPSS: 0.02383
Exploits: 0, References: 3

Tenable Nessus
added 2024/06/03 12:0 a.m., 30 views

RHEL 7 : 389-ds-base (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - 389-ds-base: replication and the Retro Changelog plugin store plaintext password by default CVE-2018-10871 Note tha...

CVSS: 7.2, AI score: 7.9, EPSS: 0.00357
Exploits: 0, References: 1

Tenable Nessus
added 2023/09/07 12:0 a.m., 34 views

Oracle Linux 8 : 389-ds:1.4 (ELSA-2019-3401)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3401 advisory. - In 389-ds-base up to version 1.4.1.2, requests are handled by worker threads. Each socket will be waited on by the worker for at most 'ioblocktimeout'...

CVSS: 7.5, AI score: 6.2, EPSS: 0.00874
Exploits: 0, References: 5

Tenable Nessus
added 2021/12/02 12:0 a.m., 29 views

SUSE SLED15 / SLES15 Security Update : poppler (SUSE-SU-2021:3854-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3854-1 advisory. - The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a...

CVSS: 9.8, AI score: 6.8, EPSS: 0.03439
Exploits: 17, References: 64

OpenVAS
added 2021/12/02 12:0 a.m., 25 views

SUSE: Security Advisory (SUSE-SU-2021:3854-1)

The remote host is missing an update for the...

CVSS: 9.8, AI score: 6.7, EPSS: 0.03439
Exploits: 17, References: 24

OpenVAS
added 2021/03/24 12:0 a.m., 27 views

Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2021-1699)

The remote host is missing an update for the Huawei EulerOS...

CVSS: 6.5, AI score: 7.6, EPSS: 0.00628
Exploits: 1, References: 2

Tenable Nessus
added 2020/12/09 12:0 a.m., 30 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : poppler Multiple Vulnerabilities (NS-SA-2020-0110)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has poppler packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc...

CVSS: 8.8, AI score: 7, EPSS: 0.01451
Exploits: 2, References: 5

OSV
added 2020/11/26 6:10 p.m., 0 views

USN-4646-2 poppler regression

USN-4646-1 fixed vulnerabilities in poppler. The fix for CVE-2019-10871 introduced a regression causing certain applications linked against poppler to fail. This update backs out the fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...

CVSS: 6.5, AI score: 6.7, EPSS: 0.00628
Exploits: 1, References: 2

Ubuntu
added 2020/11/26 6:10 p.m., 77 views

USN-4646-2: poppler regression

USN-4646-1 fixed vulnerabilities in poppler. The fix for CVE-2019-10871 introduced a regression causing certain applications linked against poppler to fail. This update backs out the fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...

AI score: 6.7
Exploits: 0, References: 1

Amazon
added 2020/08/24 12:0 a.m., 42 views

Medium: poppler

Issue Overview: An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc. (CVE-2019-10871) Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. (CVE-2018-21009) The JPXStream::init...

CVSS: 8.8, AI score: 8.2, EPSS: 0.01451
Exploits: 2

Tenable Nessus
added 2020/07/20 12:0 a.m., 41 views

Amazon Linux AMI : poppler (ALAS-2020-1398)

The version of poppler installed on the remote host is prior to 0.26.5-42.20. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1398 advisory. The tiff_document_render and tiff_document_get_thumbnail functions in the TIFF document backend in GNOME Evince through...

CVSS: 8.8, AI score: 7, EPSS: 0.01451
Exploits: 2, References: 11

RedHat Linux
added 2020/03/31 9:13 p.m., 52 views

Moderate: Red Hat Security Advisory: poppler and evince security update

An update for poppler and evince is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS: 8.8, AI score: 6.9, EPSS: 0.01451
Exploits: 2, References: 7