CVE-2026-1266

creationtimestamp| type| source ---|---|--- 2026-01-24 11:08:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md637jdath2n...

CVE-2026-1266

The Postalicious plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions an...

MiracleLinux 7 : dnsmasq-2.76-16.el7.1 (AXSA:2021-1266:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1266:01 advisory. dnsmasq: loose address/port check in replyquery makes forging replies easier for an off-path attacker CVE-2020-25684 dnsmasq: loose query name check...

Security Bulletin: IBM Security Guardium is affected by a Incorrect Permission Assignment for Critical Resource vulnerability (CVE-2017-1266 )

Summary IBM Security Guardium has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-1266 DESCRIPTION: IBM Security Guardium specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. CVSS Base...

CVE-2022-1266

The Post Grid, Slider & Carousel Ultimate WordPress plugin before 1.5.0 does not sanitise and escape the Header Title, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2014-1266

creationtimestamp| type| source ---|---|--- 2025-05-12 17:28:27+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3loyimgmhoe2v...

Linux Distros Unpatched Vulnerability : CVE-2007-1266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between...

RockyLinux 8 : kernel (RLSA-2025:1266)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:1266 advisory. kernel: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 Tenable has extracted the preceding description block directl...

CVE-2023-1266

creationtimestamp| type| source ---|---|--- 2025-02-11 02:16:03+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhulo2r5eq27...

CVE-2024-1266 CodeAstro University Management System Student Registration Form st_reg.php cross site scripting

A vulnerability classified as problematic was found in CodeAstro University Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /streg.php of the component Student Registration Form. The manipulation of the argument Address leads to cross site scripting...

CVE-2024-1266

CodeAstro University Management System v1.0 has a cross-site scripting vulnerability in the Student Registration Form’s /st_reg.php, caused by unsafely handling the Address parameter. The issue can be exploited remotely and has been publicly disclosed (VDB-253009). Impact is described as limited ...

CVE-2024-1266 CodeAstro University Management System Student Registration Form st_reg.php cross site scripting

A vulnerability classified as problematic was found in CodeAstro University Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /streg.php of the component Student Registration Form. The manipulation of the argument Address leads to cross site scripting...

CVE-2022-1266

The CVE-2022-1266 entry concerns the WordPress Post Grid, Slider & Carousel Ultimate plugin (versions

CVE-2020-1266

creationtimestamp| type| source ---|---|--- 2021-11-08 08:58:18+00:00| seen| MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422 2023-12-04 21:36:18+00:00| seen| https://t.me/arpsyndicate/1311...

Vulnerabilities fixed in Nitro Pro PDF

Vulnerabilities have been fixed in Nitro Pro PDF. The vulnerabilities allow an unauthenticated remote malicious person to opportunity to execute arbitrary code under the privileges of the application. To do this, the malicious agent must trick the victim to open a malicious file. Nitro Software...

CVE-2021-1266

creationtimestamp| type| source ---|---|--- 2021-02-04 20:40:31+00:00| seen| https://t.me/cibsecurity/23097...

CVE-2021-1266

A vulnerability in the REST API of Cisco Managed Services Accelerator MSX could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to the way that the affected software logs certain API requests. An attacker could...

CVE-2021-1266

CVE-2021-1266 affects Cisco Managed Services Accelerator (MSX). The REST API vulnerability arises from how the software logs certain API requests, which an authenticated, remote attacker can exploit by sending a flood of crafted API requests, potentially causing a DoS on the affected device. Conn...

CVE-2020-1275

Technical details for CVE-2020-1275 are not publicly available in the provided documents. Monitor for updates from official advisories; no confirmed affected products, impact, or remediation are stated here.

CVE-2020-1266

CVE-2020-1266 is a Windows kernel elevation-of-privilege vulnerability. The description attributes the issue to improper handling of objects in memory, enabling local privilege escalation with high impact (local access, minimal authentication). The provided metrics show a high base score (CVSS v3...