216 matches found
CVE-2025-1122
Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and Bypass operating system verification via exploiting the NVRead functionality during the Challenge-Response process...
CVE-2025-1122
creationtimestamp| type| source ---|---|--- 2025-04-15 19:55:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11895 2025-04-15 20:10:09+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114343792428511571 2025-04-16 00:08:32+00:00| seen| https://t.me/cvedetector/23012...
CVE-2025-1122
Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and Bypass operating system verification via exploiting the NVRead functionality during the Challenge-Response process...
CVE-2025-1122
CVE-2025-1122 affects Google ChromeOS (ChromeOS, TPM2 Reference Library) on Cr50-based devices. The connected PT-2025-16388 entry provides concrete details: Out-of-Bounds Write in the TPM2 Reference Library, exploitable by a user with root access to gain persistence and bypass OS verification via...
RHSA-2025:1122
creationtimestamp| type| source ---|---|--- 2025-03-15 00:45:37+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7645...
Linux Distros Unpatched Vulnerability : CVE-2022-1122
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the opj2decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to alloca...
Linux Distros Unpatched Vulnerability : CVE-2018-1122
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, th...
RHEL 6 : procps (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - procps-ng, procps: Local privilege escalation in top CVE-2018-1122 - procps-ng, procps is vulnerable to a...
SUSE: Security Advisory (SUSE-SU-2024:1122-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.21 (SUSE-SU-2024:1122-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1122-1 advisory. - CVE-2023-45288: Fixed denial of service via HTTP/2 continuation frames bsc1221400 Tenable has extracted...
WordPress Eventin Plugin <= 3.3.50 is vulnerable to Broken Access Control
Software Eventin Type Plugin Vulnerable versions = 3.3.50 Fixed in 3.3.51 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1122 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID a2c7fec8c772 Credits Francesco Carlucci Required privileg...
CVE-2024-1122
creationtimestamp| type| source ---|---|--- 2024-02-09 06:21:28+00:00| seen| https://t.me/ctinow/181818 2024-03-02 13:11:30+00:00| seen| https://t.me/ctinow/198345 2025-10-07 14:00:08+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3m2mby3chzs2b...
CVE-2024-1122
The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportdata function in all versions up to, and including, 3.3.50. This makes it possible for unauthenticated...
CVE-2024-1122 Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin <= 3.3.50 - Missing Authorization to Unauthenticated Events Export
The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportdata function in all versions up to, and including, 3.3.50. This makes it possible for unauthenticated...
CVE-2024-1122
The WordPress plugin set for Eventin (Event Manager, Events Calendar, Events Tickets for WooCommerce) is vulnerable to Broken Access Control due to a missing capability check in the export_data() function. All versions up to and including 3.3.50 allow unauthenticated attackers to export event dat...
Rocky Linux 8 : openjpeg2 (RLSA-2022:7645)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7645 advisory. - A flaw was found in the opj2decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to...
F5 Networks BIG-IP : procps-ng vulnerability (K00409335)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1. It is, therefore, affected by a vulnerability as referenced in the K00409335 advisory. procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME uns...
Oracle Linux 7 : procps-ng (ELSA-2019-2189)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2189 advisory. 3.3.10-26 - free: unreclaimable slabs counted into free memory, used mem incorrect - Resolves: rhbz1699264 3.3.10-25 - ps: recognize SCHEDDEADLINE in CLS field,...
Cisco Nexus 7000 M1-Series Modules Crafted Packet (CVE-2013-1122)
Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization OTV configuration is used, allows remote attackers to cause a denial of service M1-Series module reload via crafted packets, aka Bug ID CSCud15673. This plugin only works with Tenable.ot. Please visit...
WordPress Simple Giveaways Plugin < 2.45.1 is vulnerable to Cross Site Scripting (XSS)
Software Simple Giveaways Type Plugin Vulnerable versions 2.45.1 Fixed in 2.45.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1122 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID 8adf4cd8d10f Credits Varun Required...