CVE-2026-1155

creationtimestamp| type| source ---|---|--- 2026-01-19 13:34:16+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcrqzns6r22m 2026-01-19 13:43:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcrrjw6geb2k...

CVE-2026-1155

A vulnerability was found in Totolink LR350 9.3.5u.6369B20220309. Affected by this vulnerability is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid results in buffer overflow. The attack may be performed from remote. The exploit has been ma...

MiracleLinux 7 : sudo-1.8.6p7-21.el7 (AXSA:2016-1155:03)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-1155:03 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while loggi...

CVE-2025-14936

creationtimestamp| type| source ---|---|--- 2025-12-18 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1155/...

SUSE SLES15 / openSUSE 15 Security Update : govulncheck-vulndb (SUSE-SU-2025:1155-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:1155-1 advisory. - Update to version 0.0.20250402T160203 2025-04-02T16:02:03Z jscPED-11136 GO-2025-3443 GO-2025-3581 GO-2025-3582 GO-2025-3583 GO-2025-3584...

Linux Distros Unpatched Vulnerability : CVE-2011-1155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service rotation outage via a...

CVE-2025-1155

A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. This affects an unknown part of the file /stores of the component Your Location Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. It is planned to remove...

CVE-2025-1155 Webkul QloApps Your Location Search stores cross site scripting

A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. This affects an unknown part of the file /stores of the component Your Location Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. It is planned to remove...

CVE-2025-1155 Webkul QloApps Your Location Search stores cross site scripting

A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. This affects an unknown part of the file /stores of the component Your Location Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. It is planned to remove...

CVE-2022-1155

Old sessions are not blocked by the login enable function. in GitHub repository snipe/snipe-it prior to 5.3.10...

CVE-2024-1155

Incorrect permissions in the installation directories for shared SystemLink Elixir based services may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-1155

creationtimestamp| type| source ---|---|--- 2024-02-20 16:37:06+00:00| seen| https://t.me/ctinow/188675 2024-02-20 16:37:18+00:00| seen| https://t.me/ctinow/188684 2024-02-21 15:03:12+00:00| seen| https://t.me/arpsyndicate/3827 2025-02-12 19:08:53+00:00| seen|...

CVE-2024-1155 Incorrect permissions for shared NI SystemLink Elixir based services

Incorrect permissions in the installation directories for shared SystemLink Elixir based services may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-1155 Incorrect permissions for shared NI SystemLink Elixir based services

Incorrect permissions in the installation directories for shared SystemLink Elixir based services may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-1155

CVE-2024-1155 describes incorrect permissions in the installation directories for shared NI SystemLink Elixir based services, leading to potential privilege escalation via local access by an authenticated user. The root cause is improper permissions on installation paths that allow unauthorized l...

there's missing check for _metadataURI in createNewShare

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept function createNewShare string memory shareName, address bondingCurve, string memory metadataURI external onlyShareCreator returns uint256 id requirewhitelistedBondingCurvesbondingCurve...

CVE-2023-1155 Cost Calculator <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ndccmetaboxccpriceicon parameter in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev...

CVE-2023-1155

CVE-2023-1155 : The Cost Calculator plugin for WordPress (versions up to 1.8) is vulnerable to Stored Cross-Site Scripting via the nd_cc_meta_box_cc_price_icon parameter. Exploitation requires authenticated access at contributor level or higher, and scripts run when a user visits an injected page...

CVE-2023-1155 Cost Calculator <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ndccmetaboxccpriceicon parameter in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev...

SUSE CVE-2010-1155

Irssi before 0.8.15, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name CN field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IRC servers via an arbitrary certificate...