99 matches found
CVE-2026-1109
creationtimestamp | type | source
---|---|---
2026-01-18 05:33:47+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mcofplym3v2x...
Amazon Linux 2023 : ecs-init (ALAS2023-2025-1109)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1109 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabled policy validation. This only affected certificate chains which contain policy graphs, which a...
CVE-2019-1109
A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents. An attacker who successfully exploited this vulnerability could read or write information in Office documents. The security update addresses the...
Cisco IP Phones Denial of Service (CVE-2003-1109)
The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages...
RHEL 8 : python-jinja2 (RHSA-2025:1109)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:1109 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
Moderate: Red Hat Security Advisory: libmicrohttpd security update
An update for libmicrohttpd is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
CVE-2012-1109
creationtimestamp | type | source
---|---|---
2024-02-13 08:56:26+00:00 | seen | https://t.me/ctinow/183665...
CVE-2024-1109
creationtimestamp | type | source
---|---|---
2024-02-07 12:21:56+00:00 | seen | https://t.me/ctinow/180657
2024-03-01 17:17:18+00:00 | seen | https://t.me/ctinow/197805...
CVE-2024-1109 Podlove Podcast Publisher <= 4.0.11 - Missing Authorization to Unauthenticated Data Export
The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the init_download and init functions in all versions up to, and including, 4.0.11. This makes it possible for unauthenticated attackers to export the plugin's tracki...
CVE-2024-1109
The Podlove Podcast Publisher plugin for WordPress (versions ≤ 4.0.11) has a vulnerability caused by a missing capability check in the init_download() and init() functions, allowing unauthenticated attackers to export the plugin’s tracking data and podcast information. The issue is tied to Broken...
WordPress Podlove Podcast Publisher Plugin <= 4.0.11 is vulnerable to Broken Access Control
Software: Podlove Podcast Publisher; Type: Plugin; Vulnerable versions: <= 4.0.11; Fixed in: 4.0.12; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-1109; Patch priority: Low; CVSS severity: Low (5.3); PSID: 6b607bcd865e; Credits: Lucio Sá; Required...
Phoenix Contact ENERGY AXC PU Path Traversal (CVE-2023-1109)
In Phoenix Contact's ENERGY AXC PU Web service, an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full control of the...
CVE-2023-1109
creationtimestamp | type | source
---|---|---
2023-04-17 12:28:11+00:00 | seen | https://t.me/cibsecurity/62263
2024-01-04 05:39:16+00:00 | seen | https://t.me/arpsyndicate/2437...
CVE-2023-1109
In Phoenix Contact's ENERGY AXC PU Web service, an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full control of the...
CVE-2023-1109 PHOENIX CONTACT: Directory Traversal Vulnerability in ENERGY AXC PU Web service
In Phoenix Contact's ENERGY AXC PU Web service, an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full control of the...
CVE-2023-1109
Phoenix Contact ENERGY AXC PU Web Service is affected by a path traversal vulnerability (CVE-2023-1109). An authenticated restricted user can craft URLs through the upload/download functionality to access, read, write, and create files across the file system, potentially gaining full control of t...
RHEL 8 : kernel (RHSA-2023:1109)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1109 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in do_proc_dointvec and...
Debian: Security Advisory (DSA-2189-1)
The remote host is missing an update for the Debian...
CVE-2022-1109
An incorrect default permissions vulnerability in Lenovo Leyun cloud music application could allow denial of service...
CVE-2022-1109
Technical details for CVE-2022-1109 are not publicly available in the provided documents. Monitor for updates from Lenovo/Lenovo Leyun, Red Hat, NVD and CVE lists to obtain affected products, versions, and fixes.