101 matches found
CVE-2026-1278
The Mandatory Field plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...
CVE-2020-1278
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1293...
CVE-2019-1278
An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1253, CVE-2019-1303...
CVE-2025-1278
An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access restrictions and view sensitive information...
CVE-2025-1278
An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access restrictions and view sensitive information...
CVE-2025-1278
creationtimestamp| type| source ---|---|--- 2025-05-09 16:24:59+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15761 2025-05-09 16:45:32+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loqukbxkymg2 2025-05-09...
CVE-2025-1278
GitLab CE/EE contains CVE-2025-1278: an issue in which, under certain conditions, users could bypass IP access restrictions and view sensitive information. Affected versions are GitLab from 12.0 up to 17.9.8 (pre-17.9.8), 17.10 up to 17.10.6 (pre-17.10.6), and 17.11 up to 17.11.2 (pre-17.11.2). T...
CVE-2025-1278 Insufficient Granularity of Access Control in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access restrictions and view sensitive information...
CVE-2025-1278 Insufficient Granularity of Access Control in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access restrictions and view sensitive information...
CVE-2025-1278
Removed by vendor...
GitLab 12.0 < 17.9.8 / 17.10 < 17.10.6 / 17.11 < 17.11.2 (CVE-2025-1278)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access...
RHEL 7 / 8 : Red Hat OpenStack Platform (openstack-nova) (RHSA-2023:1278)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1278 advisory. OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant...
SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:1278-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:1278-1 advisory. - When a router encounters an IPv6 packet too big to transmit to the next-hop, it returns an ICMP6 Packet Too Big PTB message to the sender. The sender...
CVE-2024-1278 Easy Social Feed – Social Photos Gallery – Post Feed – Like Box <= 6.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'efblikebox' shortcode in all versions up to, and including, 6.5.4 due to insufficient input sanitization and output escaping on user supplied...
CVE-2024-1278
CVE-2024-1278 affects the WordPress plugin “Easy Social Feed – Social Photos Gallery – Post Feed – Like Box.” The vulnerability is Stored XSS through the plugin’s shortcodes, specifically the efb_likebox shortcode, in all versions up to 6.5.4. The root cause is insufficient input sanitization and...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...
WordPress Easy Social Feed Plugin <= 6.5.4 is vulnerable to Cross Site Scripting (XSS)
Software Easy Social Feed Type Plugin Vulnerable versions = 6.5.4 Fixed in 6.5.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1278 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 71784cc8d436 Credits Richard Telleng stueotu...
Oracle Linux 5 : lftp (ELSA-2009-1278)
The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2009-1278 advisory. - Resolves: 239334 solves CVE-2007-2348 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...
Moderate: Red Hat Security Advisory: Red Hat JBoss EAP 7.4.10 XP 4.0.0.GA security release
JBoss EAP XP 4.0.0.GA security release on the EAP 7.4.10 base is now available. See references for release notes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
CVE-2023-1278
creationtimestamp| type| source ---|---|--- 2023-03-08 22:23:56+00:00| seen| https://t.me/cibsecurity/59686...