101 matches found
EUVD-2026-1258
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Frenify Arlo arlo allows Reflected XSS.This issue affects Arlo: from n/a through 6.0.3...
Plixer / Dell SonicWALL Scrutinizer < 9.0.1.19899 Multiple Vulnerabilities
Plixer / Dell SonicWALL Scrutinizer is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2022-1258
A blind SQL injection vulnerability in the ePolicy Orchestrator ePO extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the back-end database, potentially leading to command execution on the server...
PT-2025-1258
Name of the Vulnerable Software and Affected Versions Kubernetes versions prior to 1.29.14 Kubernetes versions prior to 1.30.10 Kubernetes versions prior to 1.31.6 Description This issue is a command injection affecting Windows nodes via the /logs query API. An attacker with the ability to query ...
RHEL 7 : libvpx (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - chromium-browser: Negative-size parameter in Libvpx. CVE-2015-1258 - libvpx: denial of service DoS in...
SUSE: Security Advisory (SUSE-SU-2024:1258-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 / 7 : rh-mariadb102-mariadb and rh-mariadb102-galera (RHSA-2019:1258)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1258 advisory. MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The...
Huawei EulerOS: Security Advisory for compat-openssl10 (EulerOS-SA-2024-1258)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-1258
creationtimestamp| type| source ---|---|--- 2024-02-06 22:22:20+00:00| seen| https://t.me/ctinow/180364 2024-03-01 08:11:32+00:00| seen| https://t.me/ctinow/197377...
CVE-2024-1258
A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file api/config/params.php of the component API. The manipulation of the argument JWTKEYADMIN leads to use of hard-coded cryptographic k...
CVE-2024-1258
Juanpao JPShop API (component API) has a vulnerability in api/config/params.php where manipulating the JWT_KEY_ADMIN leads to use of a hard-coded cryptographic key. Affected versions: up to 1.5.02. The issue is tied to hard-coded keys, with reported high confidentiality impact and high attack com...
ABB FlowX 4.00 Information Disclosure
Exploit Title: ABB FlowX v4.00 - Exposure of Sensitive Information Date: 2023-03-31 Exploit Author: Paul Smith Vendor Homepage: https://new.abb.com/products/measurement-products/flow-computers/spirit-it-flow-x-series Version: ABB Flow-X all versions before V4.00 Tested on: Kali Linux CVE:...
ABB FlowX v4.00 - Exposure of Sensitive Information Exploit
Exploit Title: ABB FlowX v4.00 - Exposure of Sensitive Information Exploit Author: Paul Smith Vendor Homepage: https://new.abb.com/products/measurement-products/flow-computers/spirit-it-flow-x-series Version: ABB Flow-X all versions before V4.00 Tested on: Kali Linux CVE: CVE-2023-1258...
ABB FlowX v4.00 - Exposure of Sensitive Information
Exploit Title: ABB FlowX v4.00 - Exposure of Sensitive Information Date: 2023-03-31 Exploit Author: Paul Smith Vendor Homepage: https://new.abb.com/products/measurement-products/flow-computers/spirit-it-flow-x-series Version: ABB Flow-X all versions before V4.00 Tested on: Kali Linux CVE:...
CVE-2023-1258
creationtimestamp| type| source ---|---|--- 2023-03-31 12:22:05+00:00| seen| https://t.me/cibsecurity/61236...
CVE-2023-1258 Flow-X disclosure of sensitive information to unauthenticated users
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware web service modules allows Footprinting.This issue affects Flow-X: before 4.0...
CVE-2023-1258
CVE-2023-1258 affects ABB Flow-X firmware (Flow-X embedded hardware, web service modules). The root cause is insufficient protection of service data in the web service modules, leading to exposure of sensitive information to unauthenticated actors and enabling footprinting. Affected versions are ...
CVE-2023-1258 Flow-X disclosure of sensitive information to unauthenticated users
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware web service modules allows Footprinting.This issue affects Flow-X: before 4.0...
K18193959: Spring Framework vulnerability CVE-2018-1258
Security Advisory Description Spring Security in combination with Spring Framework versions prior to 5.0.6 contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted. CVE-2018-1258 Impact Traffix SD...
SUSE CVE-2015-1258
Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame...