115 matches found
ECHO-FADD-120A-1274
Bulletin has no description...
CVE-2026-1274
IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel...
CVE-2026-1274
IBM Guardium Data Protection 12.0, 12.1, and 12.2 are affected by CVE-2026-1274, a Bypass Business Logic vulnerability in the access management control panel (CWE-840). The IBM bulletin lists the affected versions and provides version-specific fixes via Fix Central bundles for 12.0, 12.1, and 12....
Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities (CVE-2026-1272, CVE-2020-16971, CVE-2026-1274)
Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2026-1272 DESCRIPTION: IBM Guardium Data Protection is vulnerable to Security Misconfiguration vulnerability in the user access control panel. CWE:CWE-613: Insufficient Session...
EUVD-2026-1274
The Bit Form – Contact Form Plugin plugin for WordPress is vulnerable to unauthorized workflow execution due to missing authorization in the triggerWorkFlow function in all versions up to, and including, 2.21.6. This is due to a logic flaw in the nonce verification where the security check only...
EUVD-2015-1274
Malware in sbrugna...
CVE-2024-1274
The My Calendar WordPress plugin before 3.4.24 does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks depending on the permissions set by the admin...
CVE-2020-1274
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266,...
CVE-2025-1274
creationtimestamp| type| source ---|---|--- 2025-04-16 13:56:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12047...
CVE-2025-1274
A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...
CVE-2025-1274 RCS File Parsing Out-of-Bounds Write Vulnerability
A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2025-1274)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-1274
The My Calendar WordPress plugin before 3.4.24 does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks depending on the permissions set by the admin...
CVE-2024-1274
The CVE-2024-1274 issue affects the My Calendar WordPress plugin prior to version 3.4.24. The vulnerability arises because the plugin does not sanitize or escape certain parameters, enabling Cross-Site Scripting (XSS) by users with a low-privilege role (Subscriber) depending on admin permissions....
CVE-2023-1274
creationtimestamp| type| source ---|---|--- 2023-04-17 16:41:56+00:00| seen| https://t.me/cibsecurity/62281 2025-03-03 19:30:41+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6251...
CVE-2023-1274
The Pricing Tables For WPBakery Page Builder formerly Visual Composer WordPress plugin before 3.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks...
CVE-2023-1274 Pricing Tables For WPBakery Page Builder < 3.0 - Subscriber+ LFI
The Pricing Tables For WPBakery Page Builder formerly Visual Composer WordPress plugin before 3.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks...
CVE-2023-1274
CVE-2023-1274 affects the WordPress plugin Pricing Tables For WPBakery Page Builder (formerly Visual Composer) up to version 3.0. The issue is caused by insufficient validation of shortcode attributes, which are used to generate file paths passed to include functions. This allows authenticated us...
WordPress Pricing Tables For WPBakery Page Builder Plugin < 3.0 is vulnerable to Local File Inclusion
Software Pricing Tables For WPBakery Page Builder Type Plugin Vulnerable versions 3.0 Fixed in 3.0 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2023-1274 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID d6cfa024a462 Credits Lana Codes Required...
CVE-2022-1274
CVE-2022-1274 is referenced in Red Hat advisories RHSA-2023-1043/1044 as a fix for Red Hat Single Sign-On 7.6.2 on RHEL 7/8/9. The vulnerability is linked to Keycloak’s execute-actions-email flow, with the cited issue being a missing email notification template allowlist that can enable an XSS-li...