104 matches found

Nuclei
added yesterday, 53 views

SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting

The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. id: CVE-2002-1131 info: name: SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting author: dhiyaneshDk,s4e-io severity: high description:...

CVSS 7.5, AI score 5.2, EPSS 0.02841
Exploits: 2, References: 4

Circl
added 2026/01/19 6:4 a.m., 5 views

CVE-2026-1131

| creationtimestamp | type | source |
|---|---|---|
| 2026-01-19 06:04:00+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mcqxukmtox2k... |

CVSS 9.8, AI score 7.3, EPSS 0.00015
Exploits: 0, References: 1

Tenable Nessus
added 2026/01/16 12:0 a.m., 2 views

MiracleLinux 4 : thunderbird-45.5.0-1.AXS4 (AXSA:2016-1131:08)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-1131:08 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security issues fixed with this release: CVE-2016-5290 RESERVED This candidate has been reserv...

CVSS 9.8, AI score 8.2, EPSS 0.01874
Exploits: 0, References: 2

RedhatCVE
added 2026/01/09 9:58 a.m., 4 views

CVE-2020-7483

VERSION NOT SUPPORTED WHEN ASSIGNED A vulnerability could cause certain data to be visible on the network when the 'password' feature is enabled. This vulnerability was discovered in and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. The 'password' feature is an additional optional...

CVSS 7.5, AI score 6.7, EPSS 0.00132
Exploits: 0, References: 1

Debian
added 2025/10/10 2:23 p.m., 5 views

[SECURITY] [DLA 4326-1] asterisk security update

Debian LTS Advisory DLA-4326-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany October 10, 2025 https://wiki.debian.org/LTS Package : asterisk Version : 1:16.28.0dfsg-0+deb11u8 CVE ID : CVE-2025-1131 CVE-2025-54995 Two security vulnerabilities have been discovered...

CVSS 7.8, AI score 6, EPSS 0.01416
Exploits: 2

Circl
added 2025/09/25 12:36 a.m., 4 views

CVE-2024-1131

| creationtimestamp | type | source |
|---|---|---|
| 2025-09-25 00:36:29+00:00 | seen | MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51... |

AI score 5.8
Exploits: 0

RedhatCVE
added 2025/09/24 8:41 p.m., 1 views

CVE-2025-1131

A local privilege escalation vulnerability exists in the safeasterisk script included with the Asterisk toolkit package. When Asterisk is started via this script common in SysV init or FreePBX environments, it sources all .sh files located in /etc/asterisk/startup.d/ as root, without validating...

CVSS 7, AI score 6.7, EPSS 0.00052
Exploits: 1, References: 2

UbuntuCve
added 2025/09/23 5:15 a.m., 1 views

CVE-2025-1131

A local privilege escalation vulnerability exists in the safeasterisk script included with the Asterisk toolkit package. When Asterisk is started via this script common in SysV init or FreePBX environments, it sources all .sh files located in /etc/asterisk/startup.d/ as root, without validating...

CVSS 7.8, AI score 6, EPSS 0.00052
Exploits: 1, References: 4

RedhatCVE
added 2025/05/22 4:9 p.m., 2 views

CVE-2020-1131

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184,...

CVSS 7.8, AI score 6.6, EPSS 0.0037
Exploits: 1, References: 1

RedhatCVE
added 2025/05/22 4:48 a.m., 6 views

CVE-2011-1131

The PlushSearch2 function in Search.php in Simple Machines Forum SMF before 1.1.13, and 2.x before 2.0 RC5, uses certain cached data in a situation where a temporary table has been created, even though this cached data is intended only for situations where a temporary table has not been created,...

CVSS 5, AI score 6.5, EPSS 0.00455
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 4:37 a.m., 5 views

CVE-2013-1131

Cisco Small Business Wireless Access Points WAP200, WAP2000, WAP200E, and WET200 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SSID that is not properly handled during a site survey, aka Bug IDs CSCua86182, CSCua91196, CSCud36155, and...

CVSS 6.4, AI score 7.8, EPSS 0.00209
Exploits: 0, References: 1

Tenable Nessus
added 2024/03/07 12:0 a.m., 41 views

Oracle Linux 9 : golang (ELSA-2024-1131)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1131 advisory. 1.20.12-1 - Rebase to 1.20.12 - Fix CVE-2023-45285 CVE-2023-39326 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVSS 7.5, AI score 7.2, EPSS 0.00123
Exploits: 0, References: 3

Tenable Nessus
added 2024/03/07 12:0 a.m., 25 views

AlmaLinux 9 : golang (ALSA-2024:1131)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1131 advisory. - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network th...

CVSS 7.5, AI score 7.1, EPSS 0.00123
Exploits: 0, References: 3

Tenable Nessus
added 2024/03/05 12:0 a.m., 38 views

RHEL 9 : golang (RHSA-2024:1131)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1131 advisory. The golang packages provide the Go programming language compiler. Security Fixes: golang: net/http/internal: Denial of Service DoS via...

CVSS 7.5, AI score 7.2, EPSS 0.00123
Exploits: 0, References: 7

Circl
added 2023/03/01 10:33 p.m., 0 views

CVE-2023-1131

| creationtimestamp | type | source |
|---|---|---|
| 2023-03-01 22:33:49+00:00 | seen | https://t.me/cibsecurity/59270 |
| 2025-03-06 19:38:15+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/6731... |

CVSS 6.1, AI score 4.7, EPSS 0.00269
Exploits: 0, References: 2

CVE
added 2023/03/01 7:36 p.m., 52 views

CVE-2023-1131

CVE-2023-1131 affects the SourceCodester Computer Parts Sales and Inventory System 1.0. The vulnerability is a cross-site scripting flaw in the file customer.php, triggered by manipulating the arguments FIRST_NAME/LAST_NAME/PHONE_NUMBER. It can be exploited remotely, and the exploit has been di...

CVSS 6.1, AI score 4.9, EPSS 0.00269
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2022/07/23 12:15 a.m., 1 views

DEBIAN-CVE-2022-1131

Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8, AI score 7.4, EPSS 0.00556
Exploits: 1, References: 1

UbuntuCve
added 2022/07/23 12:15 a.m., 30 views

CVE-2022-1131

Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8, AI score 6.9, EPSS 0.00556
Exploits: 1, References: 1

Debian CVE
added 2022/07/22 11:36 p.m., 42 views

CVE-2022-1131

Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8, AI score 9.5, EPSS 0.00556
Exploits: 1

CVE
added 2022/07/22 11:36 p.m., 182 views

CVE-2022-1131

CVE-2022-1131 is a security issue in Google Chrome's Cast UI. It is a Use-after-Free vulnerability that could enable heap corruption and potentially arbitrary code execution when a crafted HTML page is loaded. This CVE was addressed in Chrome 100.0.4896.60 (and later) as part of the March 2022 s...

CVSS 8.8, AI score 8.8, EPSS 0.00556
Exploits: 1, References: 3, Affected Software: 1