CVE-2026-1237

creationtimestamp| type| source ---|---|--- 2026-01-29 15:40:51+00:00| seen| https://gist.github.com/alon710/e49bd8e494bc74785456a45ff96b4d99...

CVE-2026-1237

Summary: CVE-2026-1237 describes a vulnerability in Juju where broken cross-model authorization allows a charm to retain access after permissions are revoked or expired by minting an invalid macaroon that the controller erroneously accepts. The root cause is that the Juju controller may fail to v...

MiracleLinux 8 : edk2-20200602gitca407c7246bf-3.el8 (AXSA:2021-1237:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1237:01 advisory. edk2: memory leak in ArpOnFrameRcvdDpc CVE-2019-14559 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

EUVD-2026-1237

The iPaymu Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authentication in all versions up to, and including, 2.0.2 via the 'checkipaymuresponse' function. This is due to the plugin not validating webhook request authenticity through signature verification or origi...

Google Chrome < 4.2.77.14 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 4.2.77.14. It is, therefore, affected by multiple vulnerabilities as referenced in the 201504stable-channel-update14 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to...

CVE-2020-1237

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-127...

CVE-2019-1237

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1298, CVE-2019-1300...

CVE-1999-1237 vulnerabilities

Vulnerabilities for packages: apache2...

CVE-2024-1237

creationtimestamp| type| source ---|---|--- 2025-02-06 02:44:20+00:00| seen| Telegram/fudr4ZTrMHFqVgIv89IVFcIZJbrtqhHrmLVjBd0z2eCzKpES...

CVE-2024-1237

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the flyoutlayout attribute in all versions up to, and including, 1.6.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-1237 Elementor Header & Footer Builder <= 1.6.24 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the flyoutlayout attribute in all versions up to, and including, 1.6.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-1237

The CVE-2024-1237 vulnerability affects the Elementor Header & Footer Builder plugin for WordPress and is a Stored Cross-Site Scripting flaw via the flyout_layout attribute in versions up to 1.6.24, caused by insufficient input sanitization and output escaping. Exploitation could allow an authent...

WordPress Elementor – Header, Footer & Blocks Template Plugin <= 1.6.24 is vulnerable to Cross Site Scripting (XSS)

Software Elementor – Header, Footer & Blocks Template Type Plugin Vulnerable versions = 1.6.24 Fixed in 1.6.25 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1237 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d8efb70c30ae...

CVE-2023-1237

creationtimestamp| type| source ---|---|--- 2023-03-07 12:13:38+00:00| seen| https://t.me/cibsecurity/59554...

CVE-2023-1237 Cross-site Scripting (XSS) - Stored in answerdev/answer

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2023-1237

CVE-2023-1237 affects the GitHub project answerdev/answer prior to version 1.0.6. The issue is a Stored Cross-site Scripting (XSS) vulnerability in user-supplied content that is stored and later displayed. The provided connected documents confirm the vulnerability type (XSS) and affected version ...

SUSE CVE-2015-1237

Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/renderframeimpl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages...

SUSE CVE-2016-1237

nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c...

CVE-2022-1237

CVE-2022-1237 affects radare2 (radareorg/radare2) prior to 5.6.8. The issue is an improper validation of an array index, resulting in a heap overflow. The reports describe this as potentially exploitable, with impact on confidentiality, integrity, and availability. Remediation: upgrade to radare2...

CVE-2022-1237

Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...