CVE-2026-39907

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LFName parameter, allowing remote attackers to trigger SMB connections and leak NTLMv2...

EUVD-2026-22726

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LFName parameter, allowing remote attackers to trigger SMB connections and leak NTLMv2...

CVE-2026-39907

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LFName parameter, allowing remote attackers to trigger SMB connections and leak NTLMv2...

CVE-2026-39907 Unisys WebPerfect Image Suite 3.0 NTLMv2 Hash Leakage via WCF SOAP

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LFName parameter, allowing remote attackers to trigger SMB connections and leak NTLMv2...

CVE-2026-39907

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP 1208. The ReadLicense action’s LFName accepts unsanitized file paths, enabling crafted SOAP requests with UNC paths to trigger outbound SMB connections and leak NTLMv2 machi...

CVE-2026-39907 Unisys WebPerfect Image Suite 3.0 NTLMv2 Hash Leakage via WCF SOAP

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LFName parameter, allowing remote attackers to trigger SMB connections and leak NTLMv2...

CVE-2026-39907

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LFName parameter, allowing remote attackers to trigger SMB connections and leak NTLMv2...

Unisys WebPerfect Image Suite 安全漏洞

Unisys WebPerfect Image Suite is an enterprise document imaging and management system developed by Unisys, Inc. Both versions of Unisys WebPerfect Image Suite 3.0.3960.22810 and 3.0.3960.22604 contain security vulnerabilities. These vulnerabilities stem from unvalidated WCF SOAP endpoints located...

PT-2026-32938

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LFName parameter, allowing remote attackers to trigger SMB connections and leak NTLMv2...

CVE-2026-1208

creationtimestamp| type| source ---|---|--- 2026-01-24 13:27:02+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md6cxdc2dc2n...

Exploit for CVE-2026-1208

CVE-2026-1208: Cross-Site Request Forgery in Friendly Function...

MiracleLinux 4 : thunderbird-45.6.0-1.AXS4 (AXSA:2016-1208:09)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-1208:09 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security issues fixed with this release: CVE-2016-9893 RESERVED This candidate has be...

EUVD-2019-17663

Malware in sbrugna...

CVE-2023-1208

This HTTP Headers WordPress plugin before 1.18.11 allows arbitrary data to be written to arbitrary files, leading to a Remote Code Execution vulnerability...

CVE-2022-1208

The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Biography field featured on individual user profile pages due to insufficient input sanitization and output escaping that allows users to encode malicious web scripts with HTML encoding that is reflected...

CVE-2013-1208

The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module VSM to Virtual Ethernet Module VEM communication, which allows remote attackers to intercept or modify network traffic by leveraging certain Layer 2 or Layer 3 access, aka Bug ID...

CVE-2025-1208

creationtimestamp| type| source ---|---|--- 2025-02-12 16:16:44+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhyl4b3win2a 2025-02-12 18:33:24+00:00| seen| https://t.me/cvedetector/17888 2025-02-21 15:03:13+00:00| seen|...

CVE-2025-1208

CVE-2025-1208 affects code-projects Wazifa System 1.0. The vulnerability stems from insufficient validation/escaping of user-supplied data in the postcontent parameter of /Profile.php, enabling cross-site scripting. Public exploitation has been reported; the attack can be remote and requires low ...

CentOS 7 : qemu-kvm (RHSA-2020:1208)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1208 advisory. - In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code. CVE-2020-8608 Note that Nessus...

Exploit for CVE-2024-1208

Badges !MIT Licensehttps://img.shields.io/badge/Licens...