CVE-2026-1126

creationtimestamp| type| source ---|---|--- 2026-01-18 17:51:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcpowledvy25...

CVE-2026-1126

A security vulnerability has been detected in lwj flow up to a3d2fe8133db9d3b50fda4f66f68634640344641. This affects the function uploadFile of the file \flow-master\flow-front-rest\src\main\java\com\dragon\flow\web\resource\flow\FormResource.java of the component SVG File Handler. The manipulatio...

CVE-2026-1126 lwj flow SVG File FormResource.java uploadFile unrestricted upload

A security vulnerability has been detected in lwj flow up to a3d2fe8133db9d3b50fda4f66f68634640344641. This affects the function uploadFile of the file \flow-master\flow-front-rest\src\main\java\com\dragon\flow\web\resource\flow\FormResource.java of the component SVG File Handler. The manipulatio...

Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2025-1126)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1126 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the InterpretImageFilename...

CVE-2024-1126

The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getattendeesemailbyeventid function in all versions up to, and including, 3.4.2. This makes it possible for authenticated attackers, wi...

CVE-2020-1126

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1028, CVE-2020-1136, CVE-2020-1150...

CVE-2003-1126

Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2018-1126

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc. leading to truncation/integer overflow issues. This flaw is related to...

CVE-2025-1126

creationtimestamp| type| source ---|---|--- 2025-02-11 17:16:48+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw5yqktvy2d 2025-02-11 19:52:49+00:00| seen| https://t.me/cvedetector/17720 2025-02-14 02:41:25+00:00| seen|...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2025-1126)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress EventPrime Plugin <= 3.4.1 is vulnerable to Broken Access Control

Software EventPrime Type Plugin Vulnerable versions = 3.4.1 Fixed in 3.4.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1126 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f1030a0eaeb5 Credits Lucio Sá Required privilege...

CVE-2024-1126 EventPrime – Events Calendar, Bookings and Tickets <= 3.4.2 - Missing Authorization to Authenticated (Subscriber+) Attendee List Retrieval

The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getattendeesemailbyeventid function in all versions up to, and including, 3.4.2. This makes it possible for authenticated attackers, wi...

CVE-2024-1126

CVE-2024-1126 concerns the EventPrime – Events Calendar, Bookings and Tickets WordPress plugin. A missing capability check in get_attendees_email_by_event_id() affects all versions up to 3.4.1, enabling authenticated users with subscriber-level access (and higher) to retrieve the attendees list f...

F5 Networks BIG-IP : procps-ng vulnerability (K83271321)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K83271321 advisory. - procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc. leading to truncation/integ...

Oracle Linux 7 : mutt (ELSA-2020-1126)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-1126 advisory. 5:1.5.21-29 - Fix IMAP header caching path traversal vulnerability - Resolves: 1608011 - Resolves: CVE-2018-14355 Tenable has extracted the preceding descriptio...

CVE-2023-1126

creationtimestamp| type| source ---|---|--- 2023-04-24 22:25:02+00:00| seen| https://t.me/cibsecurity/62762 2025-02-06 02:42:29+00:00| seen| Telegram/ZkalQ3buJB7G1gMEPdKdtNrZQxT1TedHAEWINcbC01Sq7...

CVE-2023-1126 WP FEvents Book <= 0.46 - Subscriber+ Stored XSS

The WP FEvents Book WordPress plugin through 0.46 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Cross-Site Scripting attacks...

CVE-2023-1126

CVE-2023-1126 affects the WP FEvents Book WordPress plugin (versions

CVE-2023-1126 WP FEvents Book <= 0.46 - Subscriber+ Stored XSS

The WP FEvents Book WordPress plugin through 0.46 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Cross-Site Scripting attacks...

WordPress WP FEvents Book Plugin <= 0.46 is vulnerable to Cross Site Scripting (XSS)

Software WP FEvents Book Type Plugin Vulnerable versions = 0.46 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1126 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 345ebf3e10d0 Credits Ameen Alkurdy Required...